diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index abda3b1..c77b21e 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -11,24 +11,5 @@ on: # See also commands.yml for the /backport triggered variant of this workflow. jobs: - # NOTE(negz): I tested many backport GitHub actions before landing on this - # one. Many do not support merge commits, or do not support pull requests with - # more than one commit. This one does. It also handily links backport PRs with - # new PRs, and provides commentary and instructions when it can't backport. - # The main gotchas with this action are that it _only_ supports merge commits, - # and that PRs _must_ be labelled before they're merged to trigger a backport. - open-pr: - runs-on: ubuntu-22.04 - if: github.event.pull_request.merged - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Open Backport PR - uses: zeebe-io/backport-action@v0.0.8 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - github_workspace: ${{ github.workspace }} - version: v0.0.8 + backport: + uses: upbound/uptest/.github/workflows/provider-backport.yml@main diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 539a13a..30d2912 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,7 +10,7 @@ on: env: # Common versions - GO_VERSION: '1.19' + GO_VERSION: '1.21' GOLANGCI_VERSION: 'v1.50.0' DOCKER_BUILDX_VERSION: 'v0.8.2' @@ -27,12 +27,38 @@ jobs: steps: - name: Detect No-op Changes id: noop - uses: fkirc/skip-duplicate-actions@v2.0.0 + uses: fkirc/skip-duplicate-actions@v5.3.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} paths_ignore: '["**.md", "**.png", "**.jpg"]' do_not_skip: '["workflow_dispatch", "schedule", "push"]' + report-breaking-changes: + runs-on: ubuntu-22.04 + needs: detect-noop + if: needs.detect-noop.outputs.noop != 'true' + steps: + - name: Checkout + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 + with: + submodules: true + + - name: Get modified CRDs + id: modified-crds + uses: tj-actions/changed-files@v34 + with: + files: | + package/crds/** + - name: Report breaking CRD OpenAPI v3 schema changes + if: steps.modified-crds.outputs.any_changed == 'true' + env: + MODIFIED_CRD_LIST: ${{ steps.modified-crds.outputs.all_changed_files }} + run: | + make crddiff + - name: Report native schema version changes + if: ${{ inputs.upjet-based-provider }} + run: | + make schema-version-diff lint: runs-on: ubuntu-22.04 @@ -41,28 +67,28 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 with: submodules: true - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3 with: go-version: ${{ env.GO_VERSION }} - name: Find the Go Build Cache id: go - run: echo "::set-output name=cache::$(make go.cachedir)" + run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT - name: Cache the Go Build Cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.go.outputs.cache }} key: ${{ runner.os }}-build-lint-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-build-lint- - name: Cache Go Dependencies - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: .work/pkg key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} @@ -71,12 +97,8 @@ jobs: - name: Vendor Dependencies run: make vendor vendor.check - # We could run 'make lint' but we prefer this action because it leaves - # 'annotations' (i.e. it comments on PRs to point out linter violations). - - name: Lint - uses: golangci/golangci-lint-action@v3 - with: - version: ${{ env.GOLANGCI_VERSION }} + - name: Vendor Dependencies + run: make lint check-diff: runs-on: ubuntu-22.04 @@ -85,12 +107,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 with: submodules: true - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3 with: go-version: ${{ env.GO_VERSION }} @@ -99,17 +121,17 @@ jobs: - name: Find the Go Build Cache id: go - run: echo "::set-output name=cache::$(make go.cachedir)" + run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT - name: Cache the Go Build Cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.go.outputs.cache }} key: ${{ runner.os }}-build-check-diff-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-build-check-diff- - name: Cache Go Dependencies - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: .work/pkg key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} @@ -128,7 +150,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 with: submodules: true @@ -136,23 +158,23 @@ jobs: run: git fetch --prune --unshallow - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3 with: go-version: ${{ env.GO_VERSION }} - name: Find the Go Build Cache id: go - run: echo "::set-output name=cache::$(make go.cachedir)" + run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT - name: Cache the Go Build Cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.go.outputs.cache }} key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-build-unit-tests- - name: Cache Go Dependencies - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: .work/pkg key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} @@ -165,7 +187,7 @@ jobs: run: make -j2 test - name: Publish Unit Test Coverage - uses: codecov/codecov-action@v1 + uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3 with: flags: unittests file: _output/tests/linux_amd64/coverage.txt @@ -177,7 +199,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 with: submodules: true @@ -185,23 +207,23 @@ jobs: run: git fetch --prune --unshallow - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3 with: go-version: ${{ env.GO_VERSION }} - name: Find the Go Build Cache id: go - run: echo "::set-output name=cache::$(make go.cachedir)" + run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT - name: Cache the Go Build Cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.go.outputs.cache }} key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-build-unit-tests- - name: Cache Go Dependencies - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: .work/pkg key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} @@ -220,18 +242,18 @@ jobs: steps: - name: Setup QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2 with: platforms: all - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v2 with: version: ${{ env.DOCKER_BUILDX_VERSION }} install: true - name: Login to Upbound - uses: docker/login-action@v1 + uses: docker/login-action@v2 if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != '' with: registry: xpkg.upbound.io @@ -246,7 +268,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3 with: submodules: true @@ -254,23 +276,23 @@ jobs: run: git fetch --prune --unshallow - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3 with: go-version: ${{ env.GO_VERSION }} - name: Find the Go Build Cache id: go - run: echo "::set-output name=cache::$(make go.cachedir)" + run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT - name: Cache the Go Build Cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.go.outputs.cache }} key: ${{ runner.os }}-build-publish-artifacts-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-build-publish-artifacts- - name: Cache Go Dependencies - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: .work/pkg key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} @@ -287,7 +309,7 @@ jobs: BUILD_ARGS: "--load" - name: Upload Artifacts to GitHub - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3 with: name: output path: _output/** diff --git a/.github/workflows/commands.yml b/.github/workflows/commands.yml index d300a4a..cbbd0db 100644 --- a/.github/workflows/commands.yml +++ b/.github/workflows/commands.yml @@ -3,29 +3,5 @@ name: Comment Commands on: issue_comment jobs: - backport: - runs-on: ubuntu-22.04 - if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/backport') - steps: - - name: Extract Command - id: command - uses: xt0rted/slash-command-action@v1 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - command: backport - reaction: "true" - reaction-type: "eyes" - allow-edits: "false" - permission-level: write - - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: Open Backport PR - uses: zeebe-io/backport-action@v0.0.4 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - github_workspace: ${{ github.workspace }} - version: v0.0.4 + comment-commands: + uses: upbound/uptest/.github/workflows/provider-commands.yml@main diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml index 96a8af7..7098f3c 100644 --- a/.github/workflows/tag.yaml +++ b/.github/workflows/tag.yaml @@ -11,16 +11,8 @@ on: required: true jobs: - create-tag: - runs-on: ubuntu-22.04 - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Create Tag - uses: negz/create-tag@v1 - with: - version: ${{ github.event.inputs.version }} - message: ${{ github.event.inputs.message }} - token: ${{ secrets.GITHUB_TOKEN }} + tag: + uses: upbound/uptest/.github/workflows/provider-tag.yml@main + with: + version: ${{ github.event.inputs.version }} + message: ${{ github.event.inputs.message }} diff --git a/Makefile b/Makefile index f109ebf..b562866 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,7 @@ PROJECT_NAME := provider-cloudflare PROJECT_REPO := github.com/cdloh/$(PROJECT_NAME) -export TERRAFORM_VERSION := 1.3.3 +export TERRAFORM_VERSION := 1.5.5 export TERRAFORM_PROVIDER_SOURCE := cloudflare/cloudflare export TERRAFORM_PROVIDER_REPO := https://github.com/cloudflare/terraform-provider-cloudflare @@ -38,8 +38,8 @@ NPROCS ?= 1 # to half the number of CPU cores. GO_TEST_PARALLEL := $(shell echo $$(( $(NPROCS) / 2 ))) -GO_REQUIRED_VERSION ?= 1.19 -GOLANGCILINT_VERSION ?= 1.50.0 +GO_REQUIRED_VERSION ?= 1.21 +GOLANGCILINT_VERSION ?= 1.55.2 GO_STATIC_PACKAGES = $(GO_PROJECT)/cmd/provider $(GO_PROJECT)/cmd/generator GO_LDFLAGS += -X $(GO_PROJECT)/internal/version.Version=$(VERSION) GO_SUBDIRS += cmd internal apis @@ -48,10 +48,17 @@ GO_SUBDIRS += cmd internal apis # ==================================================================================== # Setup Kubernetes tools -KIND_VERSION = v0.15.0 -UP_VERSION = v0.14.0 +KIND_VERSION = v0.21.0 +UP_VERSION = v0.20.0 UP_CHANNEL = stable -UPTEST_VERSION = v0.2.1 +UPTEST_VERSION = v0.11.1 +KUSTOMIZE_VERSION = v5.3.0 +YQ_VERSION = v4.40.5 +UXP_VERSION = 1.14.6-up.1 + +export UP_VERSION := $(UP_VERSION) +export UP_CHANNEL := $(UP_CHANNEL) + -include build/makelib/k8s_tools.mk # ==================================================================================== @@ -71,14 +78,6 @@ XPKG_REG_ORGS_NO_PROMOTE ?= xpkg.upbound.io/upbound XPKGS = $(PROJECT_NAME) -include build/makelib/xpkg.mk -# NOTE(hasheddan): we force image building to happen prior to xpkg build so that -# we ensure image is present in daemon. -xpkg.build.provider-cloudflare: do.build.images - -# NOTE(hasheddan): we ensure up is installed prior to running platform-specific -# build steps in parallel to avoid encountering an installation race condition. -build.init: $(UP) - # ==================================================================================== # Fallthrough @@ -93,6 +92,14 @@ fallthrough: submodules @echo Initial setup complete. Running make again . . . @make +# NOTE(hasheddan): we force image building to happen prior to xpkg build so that +# we ensure image is present in daemon. +xpkg.build.upjet-provider-template: do.build.images + +# NOTE(hasheddan): we ensure up is installed prior to running platform-specific +# build steps in parallel to avoid encountering an installation race condition. +build.init: $(UP) + # ==================================================================================== # Setup Terraform for fetching provider schema TERRAFORM := $(TOOLS_HOST_DIR)/terraform-$(TERRAFORM_VERSION) @@ -164,9 +171,23 @@ CROSSPLANE_NAMESPACE = upbound-system -include build/makelib/local.xpkg.mk -include build/makelib/controlplane.mk +# This target requires the following environment variables to be set: +# - UPTEST_EXAMPLE_LIST, a comma-separated list of examples to test +# To ensure the proper functioning of the end-to-end test resource pre-deletion hook, it is crucial to arrange your resources appropriately. +# You can check the basic implementation here: https://github.com/upbound/uptest/blob/main/internal/templates/01-delete.yaml.tmpl. +# - UPTEST_CLOUD_CREDENTIALS (optional), multiple sets of AWS IAM User credentials specified as key=value pairs. +# The support keys are currently `DEFAULT` and `PEER`. So, an example for the value of this env. variable is: +# DEFAULT='[default] +# aws_access_key_id = REDACTED +# aws_secret_access_key = REDACTED' +# PEER='[default] +# aws_access_key_id = REDACTED +# aws_secret_access_key = REDACTED' +# The associated `ProviderConfig`s will be named as `default` and `peer`. +# - UPTEST_DATASOURCE_PATH (optional), see https://github.com/upbound/uptest#injecting-dynamic-values-and-datasource uptest: $(UPTEST) $(KUBECTL) $(KUTTL) @$(INFO) running automated tests - @KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e "${UPTEST_EXAMPLE_LIST}" --setup-script=cluster/test/setup.sh || $(FAIL) + @KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e "${UPTEST_EXAMPLE_LIST}" --data-source="${UPTEST_DATASOURCE_PATH}" --setup-script=cluster/test/setup.sh --default-conditions="Test" || $(FAIL) @$(OK) running automated tests local-deploy: build controlplane.up local.xpkg.deploy.provider.$(PROJECT_NAME) @@ -177,6 +198,33 @@ local-deploy: build controlplane.up local.xpkg.deploy.provider.$(PROJECT_NAME) e2e: local-deploy uptest +crddiff: $(UPTEST) + @$(INFO) Checking breaking CRD schema changes + @for crd in $${MODIFIED_CRD_LIST}; do \ + if ! git cat-file -e "$${GITHUB_BASE_REF}:$${crd}" 2>/dev/null; then \ + echo "CRD $${crd} does not exist in the $${GITHUB_BASE_REF} branch. Skipping..." ; \ + continue ; \ + fi ; \ + echo "Checking $${crd} for breaking API changes..." ; \ + changes_detected=$$($(UPTEST) crddiff revision <(git cat-file -p "$${GITHUB_BASE_REF}:$${crd}") "$${crd}" 2>&1) ; \ + if [[ $$? != 0 ]] ; then \ + printf "\033[31m"; echo "Breaking change detected!"; printf "\033[0m" ; \ + echo "$${changes_detected}" ; \ + echo ; \ + fi ; \ + done + @$(OK) Checking breaking CRD schema changes + +schema-version-diff: + @$(INFO) Checking for native state schema version changes + @export PREV_PROVIDER_VERSION=$$(git cat-file -p "${GITHUB_BASE_REF}:Makefile" | sed -nr 's/^export[[:space:]]*TERRAFORM_PROVIDER_VERSION[[:space:]]*:=[[:space:]]*(.+)/\1/p'); \ + echo Detected previous Terraform provider version: $${PREV_PROVIDER_VERSION}; \ + echo Current Terraform provider version: $${TERRAFORM_PROVIDER_VERSION}; \ + mkdir -p $(WORK_DIR); \ + git cat-file -p "$${GITHUB_BASE_REF}:config/schema.json" > "$(WORK_DIR)/schema.json.$${PREV_PROVIDER_VERSION}"; \ + ./scripts/version_diff.py config/generated.lst "$(WORK_DIR)/schema.json.$${PREV_PROVIDER_VERSION}" config/schema.json + @$(OK) Checking for native state schema version changes + .PHONY: cobertura submodules fallthrough run crds.clean # ==================================================================================== diff --git a/apis/access/v1alpha1/zz_application_terraformed.go b/apis/access/v1alpha1/zz_application_terraformed.go new file mode 100755 index 0000000..b54b990 --- /dev/null +++ b/apis/access/v1alpha1/zz_application_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Application +func (mg *Application) GetTerraformResourceType() string { + return "cloudflare_access_application" +} + +// GetConnectionDetailsMapping for this Application +func (tr *Application) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Application +func (tr *Application) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Application +func (tr *Application) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Application +func (tr *Application) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Application +func (tr *Application) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Application +func (tr *Application) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Application +func (tr *Application) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Application +func (tr *Application) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Application using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Application) LateInitialize(attrs []byte) (bool, error) { + params := &ApplicationParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Application) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_application_types.go b/apis/access/v1alpha1/zz_application_types.go index 7d1c5dd..c0df59a 100755 --- a/apis/access/v1alpha1/zz_application_types.go +++ b/apis/access/v1alpha1/zz_application_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,16 +17,194 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ApplicationInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Set of String) The identity providers selected for the application. + // The identity providers selected for the application. + // +listType=set + AllowedIdps []*string `json:"allowedIdps,omitempty" tf:"allowed_idps,omitempty"` + + // (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + // Option to show/hide applications in App Launcher. Defaults to `true`. + AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + + // (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + // Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. + AutoRedirectToIdentity *bool `json:"autoRedirectToIdentity,omitempty" tf:"auto_redirect_to_identity,omitempty"` + + // (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + // CORS configuration for the Access Application. See below for reference structure. + CorsHeaders []CorsHeadersInitParameters `json:"corsHeaders,omitempty" tf:"cors_headers,omitempty"` + + // (String) Option that returns a custom error message when a user is denied access to the application. + // Option that returns a custom error message when a user is denied access to the application. + CustomDenyMessage *string `json:"customDenyMessage,omitempty" tf:"custom_deny_message,omitempty"` + + // (String) Option that redirects to a custom URL when a user is denied access to the application. + // Option that redirects to a custom URL when a user is denied access to the application. + CustomDenyURL *string `json:"customDenyUrl,omitempty" tf:"custom_deny_url,omitempty"` + + // (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + // The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + // Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. + EnableBindingCookie *bool `json:"enableBindingCookie,omitempty" tf:"enable_binding_cookie,omitempty"` + + // (Boolean) Option to add the HttpOnly cookie flag to access tokens. + // Option to add the `HttpOnly` cookie flag to access tokens. + HTTPOnlyCookieAttribute *bool `json:"httpOnlyCookieAttribute,omitempty" tf:"http_only_cookie_attribute,omitempty"` + + // (String) Image URL for the logo shown in the app launcher dashboard. + // Image URL for the logo shown in the app launcher dashboard. + LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + + // (String) Friendly name of the Access Application. + // Friendly name of the Access Application. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) + // SaaS configuration for the Access Application. + SaasApp []SaasAppInitParameters `json:"saasApp,omitempty" tf:"saas_app,omitempty"` + + // site cookie setting for access tokens. Available values: none, lax, strict. + // Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. + SameSiteCookieAttribute *string `json:"sameSiteCookieAttribute,omitempty" tf:"same_site_cookie_attribute,omitempty"` + + // (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + // Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. + ServiceAuth401Redirect *bool `json:"serviceAuth401Redirect,omitempty" tf:"service_auth_401_redirect,omitempty"` + + // authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. + SessionDuration *string `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + // Option to skip the authorization interstitial when using the CLI. Defaults to `false`. + SkipInterstitial *bool `json:"skipInterstitial,omitempty" tf:"skip_interstitial,omitempty"` + + // (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. + // The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type ApplicationObservation struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Set of String) The identity providers selected for the application. + // The identity providers selected for the application. + // +listType=set + AllowedIdps []*string `json:"allowedIdps,omitempty" tf:"allowed_idps,omitempty"` + + // (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + // Option to show/hide applications in App Launcher. Defaults to `true`. + AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + + // (String) Application Audience (AUD) Tag of the application. // Application Audience (AUD) Tag of the application. Aud *string `json:"aud,omitempty" tf:"aud,omitempty"` + // (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + // Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. + AutoRedirectToIdentity *bool `json:"autoRedirectToIdentity,omitempty" tf:"auto_redirect_to_identity,omitempty"` + + // (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + // CORS configuration for the Access Application. See below for reference structure. + CorsHeaders []CorsHeadersObservation `json:"corsHeaders,omitempty" tf:"cors_headers,omitempty"` + + // (String) Option that returns a custom error message when a user is denied access to the application. + // Option that returns a custom error message when a user is denied access to the application. + CustomDenyMessage *string `json:"customDenyMessage,omitempty" tf:"custom_deny_message,omitempty"` + + // (String) Option that redirects to a custom URL when a user is denied access to the application. + // Option that redirects to a custom URL when a user is denied access to the application. + CustomDenyURL *string `json:"customDenyUrl,omitempty" tf:"custom_deny_url,omitempty"` + + // (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + // The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + // Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. + EnableBindingCookie *bool `json:"enableBindingCookie,omitempty" tf:"enable_binding_cookie,omitempty"` + + // (Boolean) Option to add the HttpOnly cookie flag to access tokens. + // Option to add the `HttpOnly` cookie flag to access tokens. + HTTPOnlyCookieAttribute *bool `json:"httpOnlyCookieAttribute,omitempty" tf:"http_only_cookie_attribute,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Image URL for the logo shown in the app launcher dashboard. + // Image URL for the logo shown in the app launcher dashboard. + LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + + // (String) Friendly name of the Access Application. + // Friendly name of the Access Application. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) + // SaaS configuration for the Access Application. + SaasApp []SaasAppObservation `json:"saasApp,omitempty" tf:"saas_app,omitempty"` + + // site cookie setting for access tokens. Available values: none, lax, strict. + // Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. + SameSiteCookieAttribute *string `json:"sameSiteCookieAttribute,omitempty" tf:"same_site_cookie_attribute,omitempty"` + + // (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + // Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. + ServiceAuth401Redirect *bool `json:"serviceAuth401Redirect,omitempty" tf:"service_auth_401_redirect,omitempty"` + + // authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. + SessionDuration *string `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + // Option to skip the authorization interstitial when using the CLI. Defaults to `false`. + SkipInterstitial *bool `json:"skipInterstitial,omitempty" tf:"skip_interstitial,omitempty"` + + // (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. + // The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type ApplicationParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -36,74 +218,93 @@ type ApplicationParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Set of String) The identity providers selected for the application. // The identity providers selected for the application. // +kubebuilder:validation:Optional + // +listType=set AllowedIdps []*string `json:"allowedIdps,omitempty" tf:"allowed_idps,omitempty"` + // (Boolean) Option to show/hide applications in App Launcher. Defaults to true. // Option to show/hide applications in App Launcher. Defaults to `true`. // +kubebuilder:validation:Optional AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + // (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. // Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. // +kubebuilder:validation:Optional AutoRedirectToIdentity *bool `json:"autoRedirectToIdentity,omitempty" tf:"auto_redirect_to_identity,omitempty"` + // (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) // CORS configuration for the Access Application. See below for reference structure. // +kubebuilder:validation:Optional CorsHeaders []CorsHeadersParameters `json:"corsHeaders,omitempty" tf:"cors_headers,omitempty"` + // (String) Option that returns a custom error message when a user is denied access to the application. // Option that returns a custom error message when a user is denied access to the application. // +kubebuilder:validation:Optional CustomDenyMessage *string `json:"customDenyMessage,omitempty" tf:"custom_deny_message,omitempty"` + // (String) Option that redirects to a custom URL when a user is denied access to the application. // Option that redirects to a custom URL when a user is denied access to the application. // +kubebuilder:validation:Optional CustomDenyURL *string `json:"customDenyUrl,omitempty" tf:"custom_deny_url,omitempty"` + // (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. // The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. // +kubebuilder:validation:Optional Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + // (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. // Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. // +kubebuilder:validation:Optional EnableBindingCookie *bool `json:"enableBindingCookie,omitempty" tf:"enable_binding_cookie,omitempty"` + // (Boolean) Option to add the HttpOnly cookie flag to access tokens. // Option to add the `HttpOnly` cookie flag to access tokens. // +kubebuilder:validation:Optional HTTPOnlyCookieAttribute *bool `json:"httpOnlyCookieAttribute,omitempty" tf:"http_only_cookie_attribute,omitempty"` + // (String) Image URL for the logo shown in the app launcher dashboard. // Image URL for the logo shown in the app launcher dashboard. // +kubebuilder:validation:Optional LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + // (String) Friendly name of the Access Application. // Friendly name of the Access Application. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) // SaaS configuration for the Access Application. // +kubebuilder:validation:Optional SaasApp []SaasAppParameters `json:"saasApp,omitempty" tf:"saas_app,omitempty"` + // site cookie setting for access tokens. Available values: none, lax, strict. // Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. // +kubebuilder:validation:Optional SameSiteCookieAttribute *string `json:"sameSiteCookieAttribute,omitempty" tf:"same_site_cookie_attribute,omitempty"` + // (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. // Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. // +kubebuilder:validation:Optional ServiceAuth401Redirect *bool `json:"serviceAuth401Redirect,omitempty" tf:"service_auth_401_redirect,omitempty"` + // authorise. Must be in the format 48h or 2h45m. Defaults to 24h. // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. // +kubebuilder:validation:Optional SessionDuration *string `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + // (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. // Option to skip the authorization interstitial when using the CLI. Defaults to `false`. // +kubebuilder:validation:Optional SkipInterstitial *bool `json:"skipInterstitial,omitempty" tf:"skip_interstitial,omitempty"` + // (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. // The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -118,59 +319,173 @@ type ApplicationParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type CorsHeadersInitParameters struct { + + // (Boolean) Value to determine whether all HTTP headers are exposed. + // Value to determine whether all HTTP headers are exposed. + AllowAllHeaders *bool `json:"allowAllHeaders,omitempty" tf:"allow_all_headers,omitempty"` + + // (Boolean) Value to determine whether all methods are exposed. + // Value to determine whether all methods are exposed. + AllowAllMethods *bool `json:"allowAllMethods,omitempty" tf:"allow_all_methods,omitempty"` + + // (Boolean) Value to determine whether all origins are permitted to make CORS requests. + // Value to determine whether all origins are permitted to make CORS requests. + AllowAllOrigins *bool `json:"allowAllOrigins,omitempty" tf:"allow_all_origins,omitempty"` + + // (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + // Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + AllowCredentials *bool `json:"allowCredentials,omitempty" tf:"allow_credentials,omitempty"` + + // (Set of String) List of HTTP headers to expose via CORS. + // List of HTTP headers to expose via CORS. + // +listType=set + AllowedHeaders []*string `json:"allowedHeaders,omitempty" tf:"allowed_headers,omitempty"` + + // (Set of String) List of methods to expose via CORS. + // List of methods to expose via CORS. + // +listType=set + AllowedMethods []*string `json:"allowedMethods,omitempty" tf:"allowed_methods,omitempty"` + + // (Set of String) List of origins permitted to make CORS requests. + // List of origins permitted to make CORS requests. + // +listType=set + AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"` + + // (Number) The maximum time a preflight request will be cached. + // The maximum time a preflight request will be cached. + MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` +} + type CorsHeadersObservation struct { + + // (Boolean) Value to determine whether all HTTP headers are exposed. + // Value to determine whether all HTTP headers are exposed. + AllowAllHeaders *bool `json:"allowAllHeaders,omitempty" tf:"allow_all_headers,omitempty"` + + // (Boolean) Value to determine whether all methods are exposed. + // Value to determine whether all methods are exposed. + AllowAllMethods *bool `json:"allowAllMethods,omitempty" tf:"allow_all_methods,omitempty"` + + // (Boolean) Value to determine whether all origins are permitted to make CORS requests. + // Value to determine whether all origins are permitted to make CORS requests. + AllowAllOrigins *bool `json:"allowAllOrigins,omitempty" tf:"allow_all_origins,omitempty"` + + // (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + // Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + AllowCredentials *bool `json:"allowCredentials,omitempty" tf:"allow_credentials,omitempty"` + + // (Set of String) List of HTTP headers to expose via CORS. + // List of HTTP headers to expose via CORS. + // +listType=set + AllowedHeaders []*string `json:"allowedHeaders,omitempty" tf:"allowed_headers,omitempty"` + + // (Set of String) List of methods to expose via CORS. + // List of methods to expose via CORS. + // +listType=set + AllowedMethods []*string `json:"allowedMethods,omitempty" tf:"allowed_methods,omitempty"` + + // (Set of String) List of origins permitted to make CORS requests. + // List of origins permitted to make CORS requests. + // +listType=set + AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"` + + // (Number) The maximum time a preflight request will be cached. + // The maximum time a preflight request will be cached. + MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` } type CorsHeadersParameters struct { + // (Boolean) Value to determine whether all HTTP headers are exposed. // Value to determine whether all HTTP headers are exposed. // +kubebuilder:validation:Optional AllowAllHeaders *bool `json:"allowAllHeaders,omitempty" tf:"allow_all_headers,omitempty"` + // (Boolean) Value to determine whether all methods are exposed. // Value to determine whether all methods are exposed. // +kubebuilder:validation:Optional AllowAllMethods *bool `json:"allowAllMethods,omitempty" tf:"allow_all_methods,omitempty"` + // (Boolean) Value to determine whether all origins are permitted to make CORS requests. // Value to determine whether all origins are permitted to make CORS requests. // +kubebuilder:validation:Optional AllowAllOrigins *bool `json:"allowAllOrigins,omitempty" tf:"allow_all_origins,omitempty"` + // (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. // Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. // +kubebuilder:validation:Optional AllowCredentials *bool `json:"allowCredentials,omitempty" tf:"allow_credentials,omitempty"` + // (Set of String) List of HTTP headers to expose via CORS. // List of HTTP headers to expose via CORS. // +kubebuilder:validation:Optional + // +listType=set AllowedHeaders []*string `json:"allowedHeaders,omitempty" tf:"allowed_headers,omitempty"` + // (Set of String) List of methods to expose via CORS. // List of methods to expose via CORS. // +kubebuilder:validation:Optional + // +listType=set AllowedMethods []*string `json:"allowedMethods,omitempty" tf:"allowed_methods,omitempty"` + // (Set of String) List of origins permitted to make CORS requests. // List of origins permitted to make CORS requests. // +kubebuilder:validation:Optional + // +listType=set AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"` + // (Number) The maximum time a preflight request will be cached. // The maximum time a preflight request will be cached. // +kubebuilder:validation:Optional MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` } +type SaasAppInitParameters struct { + + // (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + // The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + ConsumerServiceURL *string `json:"consumerServiceUrl,omitempty" tf:"consumer_service_url,omitempty"` + + // (String) The format of the name identifier sent to the SaaS application. Defaults to email. + // The format of the name identifier sent to the SaaS application. Defaults to `email`. + NameIDFormat *string `json:"nameIdFormat,omitempty" tf:"name_id_format,omitempty"` + + // (String) A globally unique name for an identity or service provider. + // A globally unique name for an identity or service provider. + SpEntityID *string `json:"spEntityId,omitempty" tf:"sp_entity_id,omitempty"` +} + type SaasAppObservation struct { + + // (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + // The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + ConsumerServiceURL *string `json:"consumerServiceUrl,omitempty" tf:"consumer_service_url,omitempty"` + + // (String) The format of the name identifier sent to the SaaS application. Defaults to email. + // The format of the name identifier sent to the SaaS application. Defaults to `email`. + NameIDFormat *string `json:"nameIdFormat,omitempty" tf:"name_id_format,omitempty"` + + // (String) A globally unique name for an identity or service provider. + // A globally unique name for an identity or service provider. + SpEntityID *string `json:"spEntityId,omitempty" tf:"sp_entity_id,omitempty"` } type SaasAppParameters struct { + // (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. // The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional ConsumerServiceURL *string `json:"consumerServiceUrl" tf:"consumer_service_url,omitempty"` + // (String) The format of the name identifier sent to the SaaS application. Defaults to email. // The format of the name identifier sent to the SaaS application. Defaults to `email`. // +kubebuilder:validation:Optional NameIDFormat *string `json:"nameIdFormat,omitempty" tf:"name_id_format,omitempty"` + // (String) A globally unique name for an identity or service provider. // A globally unique name for an identity or service provider. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional SpEntityID *string `json:"spEntityId" tf:"sp_entity_id,omitempty"` } @@ -178,6 +493,17 @@ type SaasAppParameters struct { type ApplicationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ApplicationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ApplicationInitParameters `json:"initProvider,omitempty"` } // ApplicationStatus defines the observed state of Application. @@ -187,19 +513,21 @@ type ApplicationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Application is the Schema for the Applications API. +// Application is the Schema for the Applications API. Provides a Cloudflare Access Application resource. Access Applications are used to restrict access to a whole application using an authorisation gateway managed by Cloudflare. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Application struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ApplicationSpec `json:"spec"` - Status ApplicationStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec ApplicationSpec `json:"spec"` + Status ApplicationStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_bookmark_terraformed.go b/apis/access/v1alpha1/zz_bookmark_terraformed.go new file mode 100755 index 0000000..5dfb985 --- /dev/null +++ b/apis/access/v1alpha1/zz_bookmark_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Bookmark +func (mg *Bookmark) GetTerraformResourceType() string { + return "cloudflare_access_bookmark" +} + +// GetConnectionDetailsMapping for this Bookmark +func (tr *Bookmark) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Bookmark +func (tr *Bookmark) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Bookmark +func (tr *Bookmark) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Bookmark +func (tr *Bookmark) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Bookmark +func (tr *Bookmark) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Bookmark +func (tr *Bookmark) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Bookmark +func (tr *Bookmark) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Bookmark +func (tr *Bookmark) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Bookmark using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Bookmark) LateInitialize(attrs []byte) (bool, error) { + params := &BookmarkParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Bookmark) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_bookmark_types.go b/apis/access/v1alpha1/zz_bookmark_types.go index 9adf239..b130bd7 100755 --- a/apis/access/v1alpha1/zz_bookmark_types.go +++ b/apis/access/v1alpha1/zz_bookmark_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,84 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type BookmarkInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + // Option to show/hide the bookmark in the app launcher. Defaults to `true`. + AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + + // (String) The domain of the bookmark application. Can include subdomains, paths, or both. + // The domain of the bookmark application. Can include subdomains, paths, or both. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (String) The image URL for the logo shown in the app launcher dashboard. + // The image URL for the logo shown in the app launcher dashboard. + LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + + // (String) Name of the bookmark application. + // Name of the bookmark application. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type BookmarkObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + // Option to show/hide the bookmark in the app launcher. Defaults to `true`. + AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + + // (String) The domain of the bookmark application. Can include subdomains, paths, or both. + // The domain of the bookmark application. Can include subdomains, paths, or both. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The image URL for the logo shown in the app launcher dashboard. + // The image URL for the logo shown in the app launcher dashboard. + LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + + // (String) Name of the bookmark application. + // Name of the bookmark application. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type BookmarkParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,22 +108,27 @@ type BookmarkParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. // Option to show/hide the bookmark in the app launcher. Defaults to `true`. // +kubebuilder:validation:Optional AppLauncherVisible *bool `json:"appLauncherVisible,omitempty" tf:"app_launcher_visible,omitempty"` + // (String) The domain of the bookmark application. Can include subdomains, paths, or both. // The domain of the bookmark application. Can include subdomains, paths, or both. - // +kubebuilder:validation:Required - Domain *string `json:"domain" tf:"domain,omitempty"` + // +kubebuilder:validation:Optional + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + // (String) The image URL for the logo shown in the app launcher dashboard. // The image URL for the logo shown in the app launcher dashboard. // +kubebuilder:validation:Optional LogoURL *string `json:"logoUrl,omitempty" tf:"logo_url,omitempty"` + // (String) Name of the bookmark application. // Name of the bookmark application. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -66,6 +147,17 @@ type BookmarkParameters struct { type BookmarkSpec struct { v1.ResourceSpec `json:",inline"` ForProvider BookmarkParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider BookmarkInitParameters `json:"initProvider,omitempty"` } // BookmarkStatus defines the observed state of Bookmark. @@ -75,19 +167,22 @@ type BookmarkStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Bookmark is the Schema for the Bookmarks API. +// Bookmark is the Schema for the Bookmarks API. Provides a Cloudflare Access Bookmark resource. Access Bookmark applications are not protected behind Access but are displayed in the App Launcher. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Bookmark struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec BookmarkSpec `json:"spec"` - Status BookmarkStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.domain) || (has(self.initProvider) && has(self.initProvider.domain))",message="spec.forProvider.domain is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec BookmarkSpec `json:"spec"` + Status BookmarkStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_cacertificate_terraformed.go b/apis/access/v1alpha1/zz_cacertificate_terraformed.go new file mode 100755 index 0000000..009f6ac --- /dev/null +++ b/apis/access/v1alpha1/zz_cacertificate_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this CACertificate +func (mg *CACertificate) GetTerraformResourceType() string { + return "cloudflare_access_ca_certificate" +} + +// GetConnectionDetailsMapping for this CACertificate +func (tr *CACertificate) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this CACertificate +func (tr *CACertificate) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this CACertificate +func (tr *CACertificate) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this CACertificate +func (tr *CACertificate) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this CACertificate +func (tr *CACertificate) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this CACertificate +func (tr *CACertificate) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this CACertificate +func (tr *CACertificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this CACertificate +func (tr *CACertificate) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this CACertificate using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *CACertificate) LateInitialize(attrs []byte) (bool, error) { + params := &CACertificateParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *CACertificate) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_cacertificate_types.go b/apis/access/v1alpha1/zz_cacertificate_types.go index ae3f98d..dd496c9 100755 --- a/apis/access/v1alpha1/zz_cacertificate_types.go +++ b/apis/access/v1alpha1/zz_cacertificate_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,19 +17,77 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CACertificateInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The Access Application ID to associate with the CA certificate. + // The Access Application ID to associate with the CA certificate. + // +crossplane:generate:reference:type=Application + ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"` + + // Reference to a Application to populate applicationId. + // +kubebuilder:validation:Optional + ApplicationIDRef *v1.Reference `json:"applicationIdRef,omitempty" tf:"-"` + + // Selector for a Application to populate applicationId. + // +kubebuilder:validation:Optional + ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type CACertificateObservation struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The Access Application ID to associate with the CA certificate. + // The Access Application ID to associate with the CA certificate. + ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"` + + // (String) Application Audience (AUD) Tag of the CA certificate. // Application Audience (AUD) Tag of the CA certificate. Aud *string `json:"aud,omitempty" tf:"aud,omitempty"` + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Cryptographic public key of the generated CA certificate. // Cryptographic public key of the generated CA certificate. PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type CACertificateParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -39,6 +101,7 @@ type CACertificateParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The Access Application ID to associate with the CA certificate. // The Access Application ID to associate with the CA certificate. // +crossplane:generate:reference:type=Application // +kubebuilder:validation:Optional @@ -52,6 +115,7 @@ type CACertificateParameters struct { // +kubebuilder:validation:Optional ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -70,6 +134,17 @@ type CACertificateParameters struct { type CACertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CACertificateParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CACertificateInitParameters `json:"initProvider,omitempty"` } // CACertificateStatus defines the observed state of CACertificate. @@ -79,13 +154,14 @@ type CACertificateStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// CACertificate is the Schema for the CACertificates API. +// CACertificate is the Schema for the CACertificates API. Cloudflare Access can replace traditional SSH key models with short-lived certificates issued to your users based on the token generated by their Access login. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type CACertificate struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/access/v1alpha1/zz_generated.conversion_hubs.go b/apis/access/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..f9cec1c --- /dev/null +++ b/apis/access/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,44 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Application) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Bookmark) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *CACertificate) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Group) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *IdentityProvider) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *KeysConfiguration) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *MutualTLSCertificate) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Organization) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Policy) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *ServiceToken) Hub() {} diff --git a/apis/access/v1alpha1/zz_generated.deepcopy.go b/apis/access/v1alpha1/zz_generated.deepcopy.go index 1aab7cc..8708a7a 100644 --- a/apis/access/v1alpha1/zz_generated.deepcopy.go +++ b/apis/access/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,146 @@ func (in *Application) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApplicationInitParameters) DeepCopyInto(out *ApplicationInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AllowedIdps != nil { + in, out := &in.AllowedIdps, &out.AllowedIdps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.AppLauncherVisible != nil { + in, out := &in.AppLauncherVisible, &out.AppLauncherVisible + *out = new(bool) + **out = **in + } + if in.AutoRedirectToIdentity != nil { + in, out := &in.AutoRedirectToIdentity, &out.AutoRedirectToIdentity + *out = new(bool) + **out = **in + } + if in.CorsHeaders != nil { + in, out := &in.CorsHeaders, &out.CorsHeaders + *out = make([]CorsHeadersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CustomDenyMessage != nil { + in, out := &in.CustomDenyMessage, &out.CustomDenyMessage + *out = new(string) + **out = **in + } + if in.CustomDenyURL != nil { + in, out := &in.CustomDenyURL, &out.CustomDenyURL + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.EnableBindingCookie != nil { + in, out := &in.EnableBindingCookie, &out.EnableBindingCookie + *out = new(bool) + **out = **in + } + if in.HTTPOnlyCookieAttribute != nil { + in, out := &in.HTTPOnlyCookieAttribute, &out.HTTPOnlyCookieAttribute + *out = new(bool) + **out = **in + } + if in.LogoURL != nil { + in, out := &in.LogoURL, &out.LogoURL + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.SaasApp != nil { + in, out := &in.SaasApp, &out.SaasApp + *out = make([]SaasAppInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SameSiteCookieAttribute != nil { + in, out := &in.SameSiteCookieAttribute, &out.SameSiteCookieAttribute + *out = new(string) + **out = **in + } + if in.ServiceAuth401Redirect != nil { + in, out := &in.ServiceAuth401Redirect, &out.ServiceAuth401Redirect + *out = new(bool) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(string) + **out = **in + } + if in.SkipInterstitial != nil { + in, out := &in.SkipInterstitial, &out.SkipInterstitial + *out = new(bool) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationInitParameters. +func (in *ApplicationInitParameters) DeepCopy() *ApplicationInitParameters { + if in == nil { + return nil + } + out := new(ApplicationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationList) DeepCopyInto(out *ApplicationList) { *out = *in @@ -76,16 +215,121 @@ func (in *ApplicationList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationObservation) DeepCopyInto(out *ApplicationObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AllowedIdps != nil { + in, out := &in.AllowedIdps, &out.AllowedIdps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.AppLauncherVisible != nil { + in, out := &in.AppLauncherVisible, &out.AppLauncherVisible + *out = new(bool) + **out = **in + } if in.Aud != nil { in, out := &in.Aud, &out.Aud *out = new(string) **out = **in } + if in.AutoRedirectToIdentity != nil { + in, out := &in.AutoRedirectToIdentity, &out.AutoRedirectToIdentity + *out = new(bool) + **out = **in + } + if in.CorsHeaders != nil { + in, out := &in.CorsHeaders, &out.CorsHeaders + *out = make([]CorsHeadersObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CustomDenyMessage != nil { + in, out := &in.CustomDenyMessage, &out.CustomDenyMessage + *out = new(string) + **out = **in + } + if in.CustomDenyURL != nil { + in, out := &in.CustomDenyURL, &out.CustomDenyURL + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.EnableBindingCookie != nil { + in, out := &in.EnableBindingCookie, &out.EnableBindingCookie + *out = new(bool) + **out = **in + } + if in.HTTPOnlyCookieAttribute != nil { + in, out := &in.HTTPOnlyCookieAttribute, &out.HTTPOnlyCookieAttribute + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.LogoURL != nil { + in, out := &in.LogoURL, &out.LogoURL + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.SaasApp != nil { + in, out := &in.SaasApp, &out.SaasApp + *out = make([]SaasAppObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SameSiteCookieAttribute != nil { + in, out := &in.SameSiteCookieAttribute, &out.SameSiteCookieAttribute + *out = new(string) + **out = **in + } + if in.ServiceAuth401Redirect != nil { + in, out := &in.ServiceAuth401Redirect, &out.ServiceAuth401Redirect + *out = new(bool) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(string) + **out = **in + } + if in.SkipInterstitial != nil { + in, out := &in.SkipInterstitial, &out.SkipInterstitial + *out = new(bool) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationObservation. @@ -243,6 +487,7 @@ func (in *ApplicationSpec) DeepCopyInto(out *ApplicationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationSpec. @@ -273,22 +518,7 @@ func (in *ApplicationStatus) DeepCopy() *ApplicationStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ApprovalGroupObservation) DeepCopyInto(out *ApprovalGroupObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApprovalGroupObservation. -func (in *ApprovalGroupObservation) DeepCopy() *ApprovalGroupObservation { - if in == nil { - return nil - } - out := new(ApprovalGroupObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ApprovalGroupParameters) DeepCopyInto(out *ApprovalGroupParameters) { +func (in *ApprovalGroupInitParameters) DeepCopyInto(out *ApprovalGroupInitParameters) { *out = *in if in.ApprovalsNeeded != nil { in, out := &in.ApprovalsNeeded, &out.ApprovalsNeeded @@ -313,12 +543,115 @@ func (in *ApprovalGroupParameters) DeepCopyInto(out *ApprovalGroupParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApprovalGroupParameters. -func (in *ApprovalGroupParameters) DeepCopy() *ApprovalGroupParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApprovalGroupInitParameters. +func (in *ApprovalGroupInitParameters) DeepCopy() *ApprovalGroupInitParameters { if in == nil { return nil } - out := new(ApprovalGroupParameters) + out := new(ApprovalGroupInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApprovalGroupObservation) DeepCopyInto(out *ApprovalGroupObservation) { + *out = *in + if in.ApprovalsNeeded != nil { + in, out := &in.ApprovalsNeeded, &out.ApprovalsNeeded + *out = new(float64) + **out = **in + } + if in.EmailAddresses != nil { + in, out := &in.EmailAddresses, &out.EmailAddresses + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailListUUID != nil { + in, out := &in.EmailListUUID, &out.EmailListUUID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApprovalGroupObservation. +func (in *ApprovalGroupObservation) DeepCopy() *ApprovalGroupObservation { + if in == nil { + return nil + } + out := new(ApprovalGroupObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApprovalGroupParameters) DeepCopyInto(out *ApprovalGroupParameters) { + *out = *in + if in.ApprovalsNeeded != nil { + in, out := &in.ApprovalsNeeded, &out.ApprovalsNeeded + *out = new(float64) + **out = **in + } + if in.EmailAddresses != nil { + in, out := &in.EmailAddresses, &out.EmailAddresses + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailListUUID != nil { + in, out := &in.EmailListUUID, &out.EmailListUUID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApprovalGroupParameters. +func (in *ApprovalGroupParameters) DeepCopy() *ApprovalGroupParameters { + if in == nil { + return nil + } + out := new(ApprovalGroupParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AzureInitParameters) DeepCopyInto(out *AzureInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureInitParameters. +func (in *AzureInitParameters) DeepCopy() *AzureInitParameters { + if in == nil { + return nil + } + out := new(AzureInitParameters) in.DeepCopyInto(out) return out } @@ -326,6 +659,22 @@ func (in *ApprovalGroupParameters) DeepCopy() *ApprovalGroupParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AzureObservation) DeepCopyInto(out *AzureObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureObservation. @@ -396,6 +745,71 @@ func (in *Bookmark) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BookmarkInitParameters) DeepCopyInto(out *BookmarkInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AppLauncherVisible != nil { + in, out := &in.AppLauncherVisible, &out.AppLauncherVisible + *out = new(bool) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.LogoURL != nil { + in, out := &in.LogoURL, &out.LogoURL + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BookmarkInitParameters. +func (in *BookmarkInitParameters) DeepCopy() *BookmarkInitParameters { + if in == nil { + return nil + } + out := new(BookmarkInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BookmarkList) DeepCopyInto(out *BookmarkList) { *out = *in @@ -431,11 +845,41 @@ func (in *BookmarkList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BookmarkObservation) DeepCopyInto(out *BookmarkObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AppLauncherVisible != nil { + in, out := &in.AppLauncherVisible, &out.AppLauncherVisible + *out = new(bool) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.LogoURL != nil { + in, out := &in.LogoURL, &out.LogoURL + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BookmarkObservation. @@ -518,6 +962,7 @@ func (in *BookmarkSpec) DeepCopyInto(out *BookmarkSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BookmarkSpec. @@ -575,55 +1020,130 @@ func (in *CACertificate) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CACertificateList) DeepCopyInto(out *CACertificateList) { +func (in *CACertificateInitParameters) DeepCopyInto(out *CACertificateInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CACertificate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CACertificateList. -func (in *CACertificateList) DeepCopy() *CACertificateList { - if in == nil { - return nil + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) } - out := new(CACertificateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CACertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CACertificateObservation) DeepCopyInto(out *CACertificateObservation) { - *out = *in - if in.Aud != nil { - in, out := &in.Aud, &out.Aud + if in.ApplicationID != nil { + in, out := &in.ApplicationID, &out.ApplicationID *out = new(string) **out = **in } - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in + if in.ApplicationIDRef != nil { + in, out := &in.ApplicationIDRef, &out.ApplicationIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ApplicationIDSelector != nil { + in, out := &in.ApplicationIDSelector, &out.ApplicationIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CACertificateInitParameters. +func (in *CACertificateInitParameters) DeepCopy() *CACertificateInitParameters { + if in == nil { + return nil + } + out := new(CACertificateInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CACertificateList) DeepCopyInto(out *CACertificateList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CACertificate, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CACertificateList. +func (in *CACertificateList) DeepCopy() *CACertificateList { + if in == nil { + return nil + } + out := new(CACertificateList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CACertificateList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CACertificateObservation) DeepCopyInto(out *CACertificateObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.ApplicationID != nil { + in, out := &in.ApplicationID, &out.ApplicationID + *out = new(string) + **out = **in + } + if in.Aud != nil { + in, out := &in.Aud, &out.Aud + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in } if in.PublicKey != nil { in, out := &in.PublicKey, &out.PublicKey *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CACertificateObservation. @@ -701,6 +1221,7 @@ func (in *CACertificateSpec) DeepCopyInto(out *CACertificateSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CACertificateSpec. @@ -731,22 +1252,7 @@ func (in *CACertificateStatus) DeepCopy() *CACertificateStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigObservation) DeepCopyInto(out *ConfigObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigObservation. -func (in *ConfigObservation) DeepCopy() *ConfigObservation { - if in == nil { - return nil - } - out := new(ConfigObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigParameters) DeepCopyInto(out *ConfigParameters) { +func (in *ConfigInitParameters) DeepCopyInto(out *ConfigInitParameters) { *out = *in if in.APIToken != nil { in, out := &in.APIToken, &out.APIToken @@ -861,96 +1367,31 @@ func (in *ConfigParameters) DeepCopyInto(out *ConfigParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigParameters. -func (in *ConfigParameters) DeepCopy() *ConfigParameters { - if in == nil { - return nil - } - out := new(ConfigParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigurationObservation) DeepCopyInto(out *ConfigurationObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationObservation. -func (in *ConfigurationObservation) DeepCopy() *ConfigurationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigInitParameters. +func (in *ConfigInitParameters) DeepCopy() *ConfigInitParameters { if in == nil { return nil } - out := new(ConfigurationObservation) + out := new(ConfigInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigurationParameters) DeepCopyInto(out *ConfigurationParameters) { +func (in *ConfigObservation) DeepCopyInto(out *ConfigObservation) { *out = *in - if in.Target != nil { - in, out := &in.Target, &out.Target + if in.APIToken != nil { + in, out := &in.APIToken, &out.APIToken *out = new(string) **out = **in } - if in.Value != nil { - in, out := &in.Value, &out.Value + if in.AppsDomain != nil { + in, out := &in.AppsDomain, &out.AppsDomain *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationParameters. -func (in *ConfigurationParameters) DeepCopy() *ConfigurationParameters { - if in == nil { - return nil - } - out := new(ConfigurationParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CorsHeadersObservation) DeepCopyInto(out *CorsHeadersObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsHeadersObservation. -func (in *CorsHeadersObservation) DeepCopy() *CorsHeadersObservation { - if in == nil { - return nil - } - out := new(CorsHeadersObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CorsHeadersParameters) DeepCopyInto(out *CorsHeadersParameters) { - *out = *in - if in.AllowAllHeaders != nil { - in, out := &in.AllowAllHeaders, &out.AllowAllHeaders - *out = new(bool) - **out = **in - } - if in.AllowAllMethods != nil { - in, out := &in.AllowAllMethods, &out.AllowAllMethods - *out = new(bool) - **out = **in - } - if in.AllowAllOrigins != nil { - in, out := &in.AllowAllOrigins, &out.AllowAllOrigins - *out = new(bool) - **out = **in - } - if in.AllowCredentials != nil { - in, out := &in.AllowCredentials, &out.AllowCredentials - *out = new(bool) - **out = **in - } - if in.AllowedHeaders != nil { - in, out := &in.AllowedHeaders, &out.AllowedHeaders + if in.Attributes != nil { + in, out := &in.Attributes, &out.Attributes *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -960,65 +1401,123 @@ func (in *CorsHeadersParameters) DeepCopyInto(out *CorsHeadersParameters) { } } } - if in.AllowedMethods != nil { - in, out := &in.AllowedMethods, &out.AllowedMethods - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } + if in.AuthURL != nil { + in, out := &in.AuthURL, &out.AuthURL + *out = new(string) + **out = **in } - if in.AllowedOrigins != nil { - in, out := &in.AllowedOrigins, &out.AllowedOrigins - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } + if in.CentrifyAccount != nil { + in, out := &in.CentrifyAccount, &out.CentrifyAccount + *out = new(string) + **out = **in } - if in.MaxAge != nil { - in, out := &in.MaxAge, &out.MaxAge - *out = new(float64) + if in.CentrifyAppID != nil { + in, out := &in.CentrifyAppID, &out.CentrifyAppID + *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsHeadersParameters. -func (in *CorsHeadersParameters) DeepCopy() *CorsHeadersParameters { - if in == nil { - return nil + if in.CertsURL != nil { + in, out := &in.CertsURL, &out.CertsURL + *out = new(string) + **out = **in } - out := new(CorsHeadersParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeAzureObservation) DeepCopyInto(out *ExcludeAzureObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAzureObservation. -func (in *ExcludeAzureObservation) DeepCopy() *ExcludeAzureObservation { - if in == nil { - return nil + if in.ClientID != nil { + in, out := &in.ClientID, &out.ClientID + *out = new(string) + **out = **in } - out := new(ExcludeAzureObservation) - in.DeepCopyInto(out) - return out + if in.ClientSecret != nil { + in, out := &in.ClientSecret, &out.ClientSecret + *out = new(string) + **out = **in + } + if in.DirectoryID != nil { + in, out := &in.DirectoryID, &out.DirectoryID + *out = new(string) + **out = **in + } + if in.EmailAttributeName != nil { + in, out := &in.EmailAttributeName, &out.EmailAttributeName + *out = new(string) + **out = **in + } + if in.IdpPublicCert != nil { + in, out := &in.IdpPublicCert, &out.IdpPublicCert + *out = new(string) + **out = **in + } + if in.IssuerURL != nil { + in, out := &in.IssuerURL, &out.IssuerURL + *out = new(string) + **out = **in + } + if in.OktaAccount != nil { + in, out := &in.OktaAccount, &out.OktaAccount + *out = new(string) + **out = **in + } + if in.OneloginAccount != nil { + in, out := &in.OneloginAccount, &out.OneloginAccount + *out = new(string) + **out = **in + } + if in.PkceEnabled != nil { + in, out := &in.PkceEnabled, &out.PkceEnabled + *out = new(bool) + **out = **in + } + if in.RedirectURL != nil { + in, out := &in.RedirectURL, &out.RedirectURL + *out = new(string) + **out = **in + } + if in.SignRequest != nil { + in, out := &in.SignRequest, &out.SignRequest + *out = new(bool) + **out = **in + } + if in.SsoTargetURL != nil { + in, out := &in.SsoTargetURL, &out.SsoTargetURL + *out = new(string) + **out = **in + } + if in.SupportGroups != nil { + in, out := &in.SupportGroups, &out.SupportGroups + *out = new(bool) + **out = **in + } + if in.TokenURL != nil { + in, out := &in.TokenURL, &out.TokenURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigObservation. +func (in *ConfigObservation) DeepCopy() *ConfigObservation { + if in == nil { + return nil + } + out := new(ConfigObservation) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeAzureParameters) DeepCopyInto(out *ExcludeAzureParameters) { +func (in *ConfigParameters) DeepCopyInto(out *ConfigParameters) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.APIToken != nil { + in, out := &in.APIToken, &out.APIToken + *out = new(string) + **out = **in + } + if in.AppsDomain != nil { + in, out := &in.AppsDomain, &out.AppsDomain + *out = new(string) + **out = **in + } + if in.Attributes != nil { + in, out := &in.Attributes, &out.Attributes *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1028,134 +1527,208 @@ func (in *ExcludeAzureParameters) DeepCopyInto(out *ExcludeAzureParameters) { } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID + if in.AuthURL != nil { + in, out := &in.AuthURL, &out.AuthURL *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAzureParameters. -func (in *ExcludeAzureParameters) DeepCopy() *ExcludeAzureParameters { - if in == nil { - return nil + if in.CentrifyAccount != nil { + in, out := &in.CentrifyAccount, &out.CentrifyAccount + *out = new(string) + **out = **in + } + if in.CentrifyAppID != nil { + in, out := &in.CentrifyAppID, &out.CentrifyAppID + *out = new(string) + **out = **in + } + if in.CertsURL != nil { + in, out := &in.CertsURL, &out.CertsURL + *out = new(string) + **out = **in + } + if in.ClientID != nil { + in, out := &in.ClientID, &out.ClientID + *out = new(string) + **out = **in + } + if in.ClientSecret != nil { + in, out := &in.ClientSecret, &out.ClientSecret + *out = new(string) + **out = **in + } + if in.DirectoryID != nil { + in, out := &in.DirectoryID, &out.DirectoryID + *out = new(string) + **out = **in + } + if in.EmailAttributeName != nil { + in, out := &in.EmailAttributeName, &out.EmailAttributeName + *out = new(string) + **out = **in + } + if in.IdpPublicCert != nil { + in, out := &in.IdpPublicCert, &out.IdpPublicCert + *out = new(string) + **out = **in + } + if in.IssuerURL != nil { + in, out := &in.IssuerURL, &out.IssuerURL + *out = new(string) + **out = **in + } + if in.OktaAccount != nil { + in, out := &in.OktaAccount, &out.OktaAccount + *out = new(string) + **out = **in + } + if in.OneloginAccount != nil { + in, out := &in.OneloginAccount, &out.OneloginAccount + *out = new(string) + **out = **in + } + if in.PkceEnabled != nil { + in, out := &in.PkceEnabled, &out.PkceEnabled + *out = new(bool) + **out = **in + } + if in.RedirectURL != nil { + in, out := &in.RedirectURL, &out.RedirectURL + *out = new(string) + **out = **in + } + if in.SignRequest != nil { + in, out := &in.SignRequest, &out.SignRequest + *out = new(bool) + **out = **in + } + if in.SsoTargetURL != nil { + in, out := &in.SsoTargetURL, &out.SsoTargetURL + *out = new(string) + **out = **in + } + if in.SupportGroups != nil { + in, out := &in.SupportGroups, &out.SupportGroups + *out = new(bool) + **out = **in + } + if in.TokenURL != nil { + in, out := &in.TokenURL, &out.TokenURL + *out = new(string) + **out = **in } - out := new(ExcludeAzureParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeExternalEvaluationObservation) DeepCopyInto(out *ExcludeExternalEvaluationObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeExternalEvaluationObservation. -func (in *ExcludeExternalEvaluationObservation) DeepCopy() *ExcludeExternalEvaluationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigParameters. +func (in *ConfigParameters) DeepCopy() *ConfigParameters { if in == nil { return nil } - out := new(ExcludeExternalEvaluationObservation) + out := new(ConfigParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeExternalEvaluationParameters) DeepCopyInto(out *ExcludeExternalEvaluationParameters) { +func (in *ConfigurationInitParameters) DeepCopyInto(out *ConfigurationInitParameters) { *out = *in - if in.EvaluateURL != nil { - in, out := &in.EvaluateURL, &out.EvaluateURL + if in.Target != nil { + in, out := &in.Target, &out.Target *out = new(string) **out = **in } - if in.KeysURL != nil { - in, out := &in.KeysURL, &out.KeysURL + if in.Value != nil { + in, out := &in.Value, &out.Value *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeExternalEvaluationParameters. -func (in *ExcludeExternalEvaluationParameters) DeepCopy() *ExcludeExternalEvaluationParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationInitParameters. +func (in *ConfigurationInitParameters) DeepCopy() *ConfigurationInitParameters { if in == nil { return nil } - out := new(ExcludeExternalEvaluationParameters) + out := new(ConfigurationInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeGithubObservation) DeepCopyInto(out *ExcludeGithubObservation) { +func (in *ConfigurationObservation) DeepCopyInto(out *ConfigurationObservation) { *out = *in + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGithubObservation. -func (in *ExcludeGithubObservation) DeepCopy() *ExcludeGithubObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationObservation. +func (in *ConfigurationObservation) DeepCopy() *ConfigurationObservation { if in == nil { return nil } - out := new(ExcludeGithubObservation) + out := new(ConfigurationObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeGithubParameters) DeepCopyInto(out *ExcludeGithubParameters) { +func (in *ConfigurationParameters) DeepCopyInto(out *ConfigurationParameters) { *out = *in - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID + if in.Target != nil { + in, out := &in.Target, &out.Target *out = new(string) **out = **in } - if in.Name != nil { - in, out := &in.Name, &out.Name + if in.Value != nil { + in, out := &in.Value, &out.Value *out = new(string) **out = **in } - if in.Teams != nil { - in, out := &in.Teams, &out.Teams - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGithubParameters. -func (in *ExcludeGithubParameters) DeepCopy() *ExcludeGithubParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationParameters. +func (in *ConfigurationParameters) DeepCopy() *ConfigurationParameters { if in == nil { return nil } - out := new(ExcludeGithubParameters) + out := new(ConfigurationParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeGsuiteObservation) DeepCopyInto(out *ExcludeGsuiteObservation) { +func (in *CorsHeadersInitParameters) DeepCopyInto(out *CorsHeadersInitParameters) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGsuiteObservation. -func (in *ExcludeGsuiteObservation) DeepCopy() *ExcludeGsuiteObservation { - if in == nil { - return nil + if in.AllowAllHeaders != nil { + in, out := &in.AllowAllHeaders, &out.AllowAllHeaders + *out = new(bool) + **out = **in } - out := new(ExcludeGsuiteObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeGsuiteParameters) DeepCopyInto(out *ExcludeGsuiteParameters) { - *out = *in - if in.Email != nil { - in, out := &in.Email, &out.Email + if in.AllowAllMethods != nil { + in, out := &in.AllowAllMethods, &out.AllowAllMethods + *out = new(bool) + **out = **in + } + if in.AllowAllOrigins != nil { + in, out := &in.AllowAllOrigins, &out.AllowAllOrigins + *out = new(bool) + **out = **in + } + if in.AllowCredentials != nil { + in, out := &in.AllowCredentials, &out.AllowCredentials + *out = new(bool) + **out = **in + } + if in.AllowedHeaders != nil { + in, out := &in.AllowedHeaders, &out.AllowedHeaders *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1165,63 +1738,19 @@ func (in *ExcludeGsuiteParameters) DeepCopyInto(out *ExcludeGsuiteParameters) { } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGsuiteParameters. -func (in *ExcludeGsuiteParameters) DeepCopy() *ExcludeGsuiteParameters { - if in == nil { - return nil - } - out := new(ExcludeGsuiteParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeObservation) DeepCopyInto(out *ExcludeObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeObservation. -func (in *ExcludeObservation) DeepCopy() *ExcludeObservation { - if in == nil { - return nil - } - out := new(ExcludeObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeOktaObservation) DeepCopyInto(out *ExcludeOktaObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeOktaObservation. -func (in *ExcludeOktaObservation) DeepCopy() *ExcludeOktaObservation { - if in == nil { - return nil - } - out := new(ExcludeOktaObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeOktaParameters) DeepCopyInto(out *ExcludeOktaParameters) { - *out = *in - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in + if in.AllowedMethods != nil { + in, out := &in.AllowedMethods, &out.AllowedMethods + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - if in.Name != nil { - in, out := &in.Name, &out.Name + if in.AllowedOrigins != nil { + in, out := &in.AllowedOrigins, &out.AllowedOrigins *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1231,50 +1760,48 @@ func (in *ExcludeOktaParameters) DeepCopyInto(out *ExcludeOktaParameters) { } } } + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeOktaParameters. -func (in *ExcludeOktaParameters) DeepCopy() *ExcludeOktaParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsHeadersInitParameters. +func (in *CorsHeadersInitParameters) DeepCopy() *CorsHeadersInitParameters { if in == nil { return nil } - out := new(ExcludeOktaParameters) + out := new(CorsHeadersInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { +func (in *CorsHeadersObservation) DeepCopyInto(out *CorsHeadersObservation) { *out = *in - if in.AnyValidServiceToken != nil { - in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + if in.AllowAllHeaders != nil { + in, out := &in.AllowAllHeaders, &out.AllowAllHeaders *out = new(bool) **out = **in } - if in.AuthMethod != nil { - in, out := &in.AuthMethod, &out.AuthMethod - *out = new(string) + if in.AllowAllMethods != nil { + in, out := &in.AllowAllMethods, &out.AllowAllMethods + *out = new(bool) **out = **in } - if in.Azure != nil { - in, out := &in.Azure, &out.Azure - *out = make([]AzureParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate + if in.AllowAllOrigins != nil { + in, out := &in.AllowAllOrigins, &out.AllowAllOrigins *out = new(bool) **out = **in } - if in.CommonName != nil { - in, out := &in.CommonName, &out.CommonName - *out = new(string) + if in.AllowCredentials != nil { + in, out := &in.AllowCredentials, &out.AllowCredentials + *out = new(bool) **out = **in } - if in.DevicePosture != nil { - in, out := &in.DevicePosture, &out.DevicePosture + if in.AllowedHeaders != nil { + in, out := &in.AllowedHeaders, &out.AllowedHeaders *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1284,8 +1811,8 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.Email != nil { - in, out := &in.Email, &out.Email + if in.AllowedMethods != nil { + in, out := &in.AllowedMethods, &out.AllowedMethods *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1295,8 +1822,8 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.EmailDomain != nil { - in, out := &in.EmailDomain, &out.EmailDomain + if in.AllowedOrigins != nil { + in, out := &in.AllowedOrigins, &out.AllowedOrigins *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1306,20 +1833,48 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.Everyone != nil { - in, out := &in.Everyone, &out.Everyone + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsHeadersObservation. +func (in *CorsHeadersObservation) DeepCopy() *CorsHeadersObservation { + if in == nil { + return nil + } + out := new(CorsHeadersObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CorsHeadersParameters) DeepCopyInto(out *CorsHeadersParameters) { + *out = *in + if in.AllowAllHeaders != nil { + in, out := &in.AllowAllHeaders, &out.AllowAllHeaders *out = new(bool) **out = **in } - if in.ExternalEvaluation != nil { - in, out := &in.ExternalEvaluation, &out.ExternalEvaluation - *out = make([]ExternalEvaluationParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.AllowAllMethods != nil { + in, out := &in.AllowAllMethods, &out.AllowAllMethods + *out = new(bool) + **out = **in } - if in.Geo != nil { - in, out := &in.Geo, &out.Geo + if in.AllowAllOrigins != nil { + in, out := &in.AllowAllOrigins, &out.AllowAllOrigins + *out = new(bool) + **out = **in + } + if in.AllowCredentials != nil { + in, out := &in.AllowCredentials, &out.AllowCredentials + *out = new(bool) + **out = **in + } + if in.AllowedHeaders != nil { + in, out := &in.AllowedHeaders, &out.AllowedHeaders *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1329,15 +1884,8 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.Github != nil { - in, out := &in.Github, &out.Github - *out = make([]GithubParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Group != nil { - in, out := &in.Group, &out.Group + if in.AllowedMethods != nil { + in, out := &in.AllowedMethods, &out.AllowedMethods *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1347,15 +1895,8 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.Gsuite != nil { - in, out := &in.Gsuite, &out.Gsuite - *out = make([]GsuiteParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.IP != nil { - in, out := &in.IP, &out.IP + if in.AllowedOrigins != nil { + in, out := &in.AllowedOrigins, &out.AllowedOrigins *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1365,8 +1906,28 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.LoginMethod != nil { - in, out := &in.LoginMethod, &out.LoginMethod + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsHeadersParameters. +func (in *CorsHeadersParameters) DeepCopy() *CorsHeadersParameters { + if in == nil { + return nil + } + out := new(CorsHeadersParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeAzureInitParameters) DeepCopyInto(out *ExcludeAzureInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1376,22 +1937,28 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } - if in.Okta != nil { - in, out := &in.Okta, &out.Okta - *out = make([]OktaParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.SAML != nil { - in, out := &in.SAML, &out.SAML - *out = make([]SAMLParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - if in.ServiceToken != nil { - in, out := &in.ServiceToken, &out.ServiceToken +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAzureInitParameters. +func (in *ExcludeAzureInitParameters) DeepCopy() *ExcludeAzureInitParameters { + if in == nil { + return nil + } + out := new(ExcludeAzureInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeAzureObservation) DeepCopyInto(out *ExcludeAzureObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1401,80 +1968,106 @@ func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { } } } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeParameters. -func (in *ExcludeParameters) DeepCopy() *ExcludeParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAzureObservation. +func (in *ExcludeAzureObservation) DeepCopy() *ExcludeAzureObservation { if in == nil { return nil } - out := new(ExcludeParameters) + out := new(ExcludeAzureObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeSAMLObservation) DeepCopyInto(out *ExcludeSAMLObservation) { +func (in *ExcludeAzureParameters) DeepCopyInto(out *ExcludeAzureParameters) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeSAMLObservation. -func (in *ExcludeSAMLObservation) DeepCopy() *ExcludeSAMLObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAzureParameters. +func (in *ExcludeAzureParameters) DeepCopy() *ExcludeAzureParameters { if in == nil { return nil } - out := new(ExcludeSAMLObservation) + out := new(ExcludeAzureParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExcludeSAMLParameters) DeepCopyInto(out *ExcludeSAMLParameters) { +func (in *ExcludeExternalEvaluationInitParameters) DeepCopyInto(out *ExcludeExternalEvaluationInitParameters) { *out = *in - if in.AttributeName != nil { - in, out := &in.AttributeName, &out.AttributeName - *out = new(string) - **out = **in - } - if in.AttributeValue != nil { - in, out := &in.AttributeValue, &out.AttributeValue + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL *out = new(string) **out = **in } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeSAMLParameters. -func (in *ExcludeSAMLParameters) DeepCopy() *ExcludeSAMLParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeExternalEvaluationInitParameters. +func (in *ExcludeExternalEvaluationInitParameters) DeepCopy() *ExcludeExternalEvaluationInitParameters { if in == nil { return nil } - out := new(ExcludeSAMLParameters) + out := new(ExcludeExternalEvaluationInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalEvaluationObservation) DeepCopyInto(out *ExternalEvaluationObservation) { +func (in *ExcludeExternalEvaluationObservation) DeepCopyInto(out *ExcludeExternalEvaluationObservation) { *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEvaluationObservation. -func (in *ExternalEvaluationObservation) DeepCopy() *ExternalEvaluationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeExternalEvaluationObservation. +func (in *ExcludeExternalEvaluationObservation) DeepCopy() *ExcludeExternalEvaluationObservation { if in == nil { return nil } - out := new(ExternalEvaluationObservation) + out := new(ExcludeExternalEvaluationObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalEvaluationParameters) DeepCopyInto(out *ExternalEvaluationParameters) { +func (in *ExcludeExternalEvaluationParameters) DeepCopyInto(out *ExcludeExternalEvaluationParameters) { *out = *in if in.EvaluateURL != nil { in, out := &in.EvaluateURL, &out.EvaluateURL @@ -1488,33 +2081,54 @@ func (in *ExternalEvaluationParameters) DeepCopyInto(out *ExternalEvaluationPara } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEvaluationParameters. -func (in *ExternalEvaluationParameters) DeepCopy() *ExternalEvaluationParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeExternalEvaluationParameters. +func (in *ExcludeExternalEvaluationParameters) DeepCopy() *ExcludeExternalEvaluationParameters { if in == nil { return nil } - out := new(ExternalEvaluationParameters) + out := new(ExcludeExternalEvaluationParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GithubObservation) DeepCopyInto(out *GithubObservation) { +func (in *ExcludeGithubInitParameters) DeepCopyInto(out *ExcludeGithubInitParameters) { *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GithubObservation. -func (in *GithubObservation) DeepCopy() *GithubObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGithubInitParameters. +func (in *ExcludeGithubInitParameters) DeepCopy() *ExcludeGithubInitParameters { if in == nil { return nil } - out := new(GithubObservation) + out := new(ExcludeGithubInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GithubParameters) DeepCopyInto(out *GithubParameters) { +func (in *ExcludeGithubObservation) DeepCopyInto(out *ExcludeGithubObservation) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -1539,220 +2153,4306 @@ func (in *GithubParameters) DeepCopyInto(out *GithubParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GithubParameters. -func (in *GithubParameters) DeepCopy() *GithubParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGithubObservation. +func (in *ExcludeGithubObservation) DeepCopy() *ExcludeGithubObservation { if in == nil { return nil } - out := new(GithubParameters) + out := new(ExcludeGithubObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Group) DeepCopyInto(out *Group) { +func (in *ExcludeGithubParameters) DeepCopyInto(out *ExcludeGithubParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Group. -func (in *Group) DeepCopy() *Group { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGithubParameters. +func (in *ExcludeGithubParameters) DeepCopy() *ExcludeGithubParameters { if in == nil { return nil } - out := new(Group) + out := new(ExcludeGithubParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Group) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GroupList) DeepCopyInto(out *GroupList) { +func (in *ExcludeGsuiteInitParameters) DeepCopyInto(out *ExcludeGsuiteInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Group, len(*in)) + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupList. -func (in *GroupList) DeepCopy() *GroupList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGsuiteInitParameters. +func (in *ExcludeGsuiteInitParameters) DeepCopy() *ExcludeGsuiteInitParameters { if in == nil { return nil } - out := new(GroupList) + out := new(ExcludeGsuiteInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *GroupList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GroupObservation) DeepCopyInto(out *GroupObservation) { +func (in *ExcludeGsuiteObservation) DeepCopyInto(out *ExcludeGsuiteObservation) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupObservation. -func (in *GroupObservation) DeepCopy() *GroupObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGsuiteObservation. +func (in *ExcludeGsuiteObservation) DeepCopy() *ExcludeGsuiteObservation { if in == nil { return nil } - out := new(GroupObservation) + out := new(ExcludeGsuiteObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GroupParameters) DeepCopyInto(out *GroupParameters) { +func (in *ExcludeGsuiteParameters) DeepCopyInto(out *ExcludeGsuiteParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeGsuiteParameters. +func (in *ExcludeGsuiteParameters) DeepCopy() *ExcludeGsuiteParameters { + if in == nil { + return nil + } + out := new(ExcludeGsuiteParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeInitParameters) DeepCopyInto(out *ExcludeInitParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]AzureInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExternalEvaluationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]GithubInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]GsuiteInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]OktaInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]SAMLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeInitParameters. +func (in *ExcludeInitParameters) DeepCopy() *ExcludeInitParameters { + if in == nil { + return nil + } + out := new(ExcludeInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeObservation) DeepCopyInto(out *ExcludeObservation) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]AzureObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExternalEvaluationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]GithubObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]GsuiteObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]OktaObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]SAMLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeObservation. +func (in *ExcludeObservation) DeepCopy() *ExcludeObservation { + if in == nil { + return nil + } + out := new(ExcludeObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeOktaInitParameters) DeepCopyInto(out *ExcludeOktaInitParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeOktaInitParameters. +func (in *ExcludeOktaInitParameters) DeepCopy() *ExcludeOktaInitParameters { + if in == nil { + return nil + } + out := new(ExcludeOktaInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeOktaObservation) DeepCopyInto(out *ExcludeOktaObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeOktaObservation. +func (in *ExcludeOktaObservation) DeepCopy() *ExcludeOktaObservation { + if in == nil { + return nil + } + out := new(ExcludeOktaObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeOktaParameters) DeepCopyInto(out *ExcludeOktaParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeOktaParameters. +func (in *ExcludeOktaParameters) DeepCopy() *ExcludeOktaParameters { + if in == nil { + return nil + } + out := new(ExcludeOktaParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeParameters) DeepCopyInto(out *ExcludeParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]AzureParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExternalEvaluationParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]GithubParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]GsuiteParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]OktaParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]SAMLParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeParameters. +func (in *ExcludeParameters) DeepCopy() *ExcludeParameters { + if in == nil { + return nil + } + out := new(ExcludeParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeSAMLInitParameters) DeepCopyInto(out *ExcludeSAMLInitParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeSAMLInitParameters. +func (in *ExcludeSAMLInitParameters) DeepCopy() *ExcludeSAMLInitParameters { + if in == nil { + return nil + } + out := new(ExcludeSAMLInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeSAMLObservation) DeepCopyInto(out *ExcludeSAMLObservation) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeSAMLObservation. +func (in *ExcludeSAMLObservation) DeepCopy() *ExcludeSAMLObservation { + if in == nil { + return nil + } + out := new(ExcludeSAMLObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExcludeSAMLParameters) DeepCopyInto(out *ExcludeSAMLParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeSAMLParameters. +func (in *ExcludeSAMLParameters) DeepCopy() *ExcludeSAMLParameters { + if in == nil { + return nil + } + out := new(ExcludeSAMLParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalEvaluationInitParameters) DeepCopyInto(out *ExternalEvaluationInitParameters) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEvaluationInitParameters. +func (in *ExternalEvaluationInitParameters) DeepCopy() *ExternalEvaluationInitParameters { + if in == nil { + return nil + } + out := new(ExternalEvaluationInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalEvaluationObservation) DeepCopyInto(out *ExternalEvaluationObservation) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEvaluationObservation. +func (in *ExternalEvaluationObservation) DeepCopy() *ExternalEvaluationObservation { + if in == nil { + return nil + } + out := new(ExternalEvaluationObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalEvaluationParameters) DeepCopyInto(out *ExternalEvaluationParameters) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEvaluationParameters. +func (in *ExternalEvaluationParameters) DeepCopy() *ExternalEvaluationParameters { + if in == nil { + return nil + } + out := new(ExternalEvaluationParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GithubInitParameters) DeepCopyInto(out *GithubInitParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GithubInitParameters. +func (in *GithubInitParameters) DeepCopy() *GithubInitParameters { + if in == nil { + return nil + } + out := new(GithubInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GithubObservation) DeepCopyInto(out *GithubObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GithubObservation. +func (in *GithubObservation) DeepCopy() *GithubObservation { + if in == nil { + return nil + } + out := new(GithubObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GithubParameters) DeepCopyInto(out *GithubParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GithubParameters. +func (in *GithubParameters) DeepCopy() *GithubParameters { + if in == nil { + return nil + } + out := new(GithubParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Group) DeepCopyInto(out *Group) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Group. +func (in *Group) DeepCopy() *Group { + if in == nil { + return nil + } + out := new(Group) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Group) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupInitParameters) DeepCopyInto(out *GroupInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]ExcludeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]IncludeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]RequireInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupInitParameters. +func (in *GroupInitParameters) DeepCopy() *GroupInitParameters { + if in == nil { + return nil + } + out := new(GroupInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupList) DeepCopyInto(out *GroupList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Group, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupList. +func (in *GroupList) DeepCopy() *GroupList { + if in == nil { + return nil + } + out := new(GroupList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GroupList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupObservation) DeepCopyInto(out *GroupObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]ExcludeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]IncludeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]RequireObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupObservation. +func (in *GroupObservation) DeepCopy() *GroupObservation { + if in == nil { + return nil + } + out := new(GroupObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupParameters) DeepCopyInto(out *GroupParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]ExcludeParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]IncludeParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]RequireParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupParameters. +func (in *GroupParameters) DeepCopy() *GroupParameters { + if in == nil { + return nil + } + out := new(GroupParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupSpec) DeepCopyInto(out *GroupSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec. +func (in *GroupSpec) DeepCopy() *GroupSpec { + if in == nil { + return nil + } + out := new(GroupSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupStatus) DeepCopyInto(out *GroupStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupStatus. +func (in *GroupStatus) DeepCopy() *GroupStatus { + if in == nil { + return nil + } + out := new(GroupStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GsuiteInitParameters) DeepCopyInto(out *GsuiteInitParameters) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsuiteInitParameters. +func (in *GsuiteInitParameters) DeepCopy() *GsuiteInitParameters { + if in == nil { + return nil + } + out := new(GsuiteInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GsuiteObservation) DeepCopyInto(out *GsuiteObservation) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsuiteObservation. +func (in *GsuiteObservation) DeepCopy() *GsuiteObservation { + if in == nil { + return nil + } + out := new(GsuiteObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GsuiteParameters) DeepCopyInto(out *GsuiteParameters) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsuiteParameters. +func (in *GsuiteParameters) DeepCopy() *GsuiteParameters { + if in == nil { + return nil + } + out := new(GsuiteParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider. +func (in *IdentityProvider) DeepCopy() *IdentityProvider { + if in == nil { + return nil + } + out := new(IdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderInitParameters) DeepCopyInto(out *IdentityProviderInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderInitParameters. +func (in *IdentityProviderInitParameters) DeepCopy() *IdentityProviderInitParameters { + if in == nil { + return nil + } + out := new(IdentityProviderInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderList) DeepCopyInto(out *IdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]IdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderList. +func (in *IdentityProviderList) DeepCopy() *IdentityProviderList { + if in == nil { + return nil + } + out := new(IdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderObservation) DeepCopyInto(out *IdentityProviderObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderObservation. +func (in *IdentityProviderObservation) DeepCopy() *IdentityProviderObservation { + if in == nil { + return nil + } + out := new(IdentityProviderObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderParameters) DeepCopyInto(out *IdentityProviderParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderParameters. +func (in *IdentityProviderParameters) DeepCopy() *IdentityProviderParameters { + if in == nil { + return nil + } + out := new(IdentityProviderParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderSpec) DeepCopyInto(out *IdentityProviderSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderSpec. +func (in *IdentityProviderSpec) DeepCopy() *IdentityProviderSpec { + if in == nil { + return nil + } + out := new(IdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderStatus) DeepCopyInto(out *IdentityProviderStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderStatus. +func (in *IdentityProviderStatus) DeepCopy() *IdentityProviderStatus { + if in == nil { + return nil + } + out := new(IdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeAzureInitParameters) DeepCopyInto(out *IncludeAzureInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeAzureInitParameters. +func (in *IncludeAzureInitParameters) DeepCopy() *IncludeAzureInitParameters { + if in == nil { + return nil + } + out := new(IncludeAzureInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeAzureObservation) DeepCopyInto(out *IncludeAzureObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeAzureObservation. +func (in *IncludeAzureObservation) DeepCopy() *IncludeAzureObservation { + if in == nil { + return nil + } + out := new(IncludeAzureObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeAzureParameters) DeepCopyInto(out *IncludeAzureParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeAzureParameters. +func (in *IncludeAzureParameters) DeepCopy() *IncludeAzureParameters { + if in == nil { + return nil + } + out := new(IncludeAzureParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeExternalEvaluationInitParameters) DeepCopyInto(out *IncludeExternalEvaluationInitParameters) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeExternalEvaluationInitParameters. +func (in *IncludeExternalEvaluationInitParameters) DeepCopy() *IncludeExternalEvaluationInitParameters { + if in == nil { + return nil + } + out := new(IncludeExternalEvaluationInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeExternalEvaluationObservation) DeepCopyInto(out *IncludeExternalEvaluationObservation) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeExternalEvaluationObservation. +func (in *IncludeExternalEvaluationObservation) DeepCopy() *IncludeExternalEvaluationObservation { + if in == nil { + return nil + } + out := new(IncludeExternalEvaluationObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeExternalEvaluationParameters) DeepCopyInto(out *IncludeExternalEvaluationParameters) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeExternalEvaluationParameters. +func (in *IncludeExternalEvaluationParameters) DeepCopy() *IncludeExternalEvaluationParameters { + if in == nil { + return nil + } + out := new(IncludeExternalEvaluationParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGithubInitParameters) DeepCopyInto(out *IncludeGithubInitParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGithubInitParameters. +func (in *IncludeGithubInitParameters) DeepCopy() *IncludeGithubInitParameters { + if in == nil { + return nil + } + out := new(IncludeGithubInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGithubObservation) DeepCopyInto(out *IncludeGithubObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGithubObservation. +func (in *IncludeGithubObservation) DeepCopy() *IncludeGithubObservation { + if in == nil { + return nil + } + out := new(IncludeGithubObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGithubParameters) DeepCopyInto(out *IncludeGithubParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGithubParameters. +func (in *IncludeGithubParameters) DeepCopy() *IncludeGithubParameters { + if in == nil { + return nil + } + out := new(IncludeGithubParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGsuiteInitParameters) DeepCopyInto(out *IncludeGsuiteInitParameters) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGsuiteInitParameters. +func (in *IncludeGsuiteInitParameters) DeepCopy() *IncludeGsuiteInitParameters { + if in == nil { + return nil + } + out := new(IncludeGsuiteInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGsuiteObservation) DeepCopyInto(out *IncludeGsuiteObservation) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGsuiteObservation. +func (in *IncludeGsuiteObservation) DeepCopy() *IncludeGsuiteObservation { + if in == nil { + return nil + } + out := new(IncludeGsuiteObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeGsuiteParameters) DeepCopyInto(out *IncludeGsuiteParameters) { + *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGsuiteParameters. +func (in *IncludeGsuiteParameters) DeepCopy() *IncludeGsuiteParameters { + if in == nil { + return nil + } + out := new(IncludeGsuiteParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeInitParameters) DeepCopyInto(out *IncludeInitParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]IncludeAzureInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]IncludeExternalEvaluationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]IncludeGithubInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]IncludeGsuiteInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]IncludeOktaInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]IncludeSAMLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeInitParameters. +func (in *IncludeInitParameters) DeepCopy() *IncludeInitParameters { + if in == nil { + return nil + } + out := new(IncludeInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeObservation) DeepCopyInto(out *IncludeObservation) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]IncludeAzureObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]IncludeExternalEvaluationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]IncludeGithubObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]IncludeGsuiteObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]IncludeOktaObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]IncludeSAMLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeObservation. +func (in *IncludeObservation) DeepCopy() *IncludeObservation { + if in == nil { + return nil + } + out := new(IncludeObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeOktaInitParameters) DeepCopyInto(out *IncludeOktaInitParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeOktaInitParameters. +func (in *IncludeOktaInitParameters) DeepCopy() *IncludeOktaInitParameters { + if in == nil { + return nil + } + out := new(IncludeOktaInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeOktaObservation) DeepCopyInto(out *IncludeOktaObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeOktaObservation. +func (in *IncludeOktaObservation) DeepCopy() *IncludeOktaObservation { + if in == nil { + return nil + } + out := new(IncludeOktaObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeOktaParameters) DeepCopyInto(out *IncludeOktaParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeOktaParameters. +func (in *IncludeOktaParameters) DeepCopy() *IncludeOktaParameters { + if in == nil { + return nil + } + out := new(IncludeOktaParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]IncludeAzureParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]IncludeExternalEvaluationParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]IncludeGithubParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]IncludeGsuiteParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]IncludeOktaParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]IncludeSAMLParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParameters. +func (in *IncludeParameters) DeepCopy() *IncludeParameters { + if in == nil { + return nil + } + out := new(IncludeParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeSAMLInitParameters) DeepCopyInto(out *IncludeSAMLInitParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeSAMLInitParameters. +func (in *IncludeSAMLInitParameters) DeepCopy() *IncludeSAMLInitParameters { + if in == nil { + return nil + } + out := new(IncludeSAMLInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeSAMLObservation) DeepCopyInto(out *IncludeSAMLObservation) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeSAMLObservation. +func (in *IncludeSAMLObservation) DeepCopy() *IncludeSAMLObservation { + if in == nil { + return nil + } + out := new(IncludeSAMLObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeSAMLParameters) DeepCopyInto(out *IncludeSAMLParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeSAMLParameters. +func (in *IncludeSAMLParameters) DeepCopy() *IncludeSAMLParameters { + if in == nil { + return nil + } + out := new(IncludeSAMLParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfiguration) DeepCopyInto(out *KeysConfiguration) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfiguration. +func (in *KeysConfiguration) DeepCopy() *KeysConfiguration { + if in == nil { + return nil + } + out := new(KeysConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KeysConfiguration) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationInitParameters) DeepCopyInto(out *KeysConfigurationInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.KeyRotationIntervalDays != nil { + in, out := &in.KeyRotationIntervalDays, &out.KeyRotationIntervalDays + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationInitParameters. +func (in *KeysConfigurationInitParameters) DeepCopy() *KeysConfigurationInitParameters { + if in == nil { + return nil + } + out := new(KeysConfigurationInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationList) DeepCopyInto(out *KeysConfigurationList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]KeysConfiguration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationList. +func (in *KeysConfigurationList) DeepCopy() *KeysConfigurationList { + if in == nil { + return nil + } + out := new(KeysConfigurationList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KeysConfigurationList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationObservation) DeepCopyInto(out *KeysConfigurationObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.KeyRotationIntervalDays != nil { + in, out := &in.KeyRotationIntervalDays, &out.KeyRotationIntervalDays + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationObservation. +func (in *KeysConfigurationObservation) DeepCopy() *KeysConfigurationObservation { + if in == nil { + return nil + } + out := new(KeysConfigurationObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationParameters) DeepCopyInto(out *KeysConfigurationParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.KeyRotationIntervalDays != nil { + in, out := &in.KeyRotationIntervalDays, &out.KeyRotationIntervalDays + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationParameters. +func (in *KeysConfigurationParameters) DeepCopy() *KeysConfigurationParameters { + if in == nil { + return nil + } + out := new(KeysConfigurationParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationSpec) DeepCopyInto(out *KeysConfigurationSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationSpec. +func (in *KeysConfigurationSpec) DeepCopy() *KeysConfigurationSpec { + if in == nil { + return nil + } + out := new(KeysConfigurationSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeysConfigurationStatus) DeepCopyInto(out *KeysConfigurationStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationStatus. +func (in *KeysConfigurationStatus) DeepCopy() *KeysConfigurationStatus { + if in == nil { + return nil + } + out := new(KeysConfigurationStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoginDesignInitParameters) DeepCopyInto(out *LoginDesignInitParameters) { + *out = *in + if in.BackgroundColor != nil { + in, out := &in.BackgroundColor, &out.BackgroundColor + *out = new(string) + **out = **in + } + if in.FooterText != nil { + in, out := &in.FooterText, &out.FooterText + *out = new(string) + **out = **in + } + if in.HeaderText != nil { + in, out := &in.HeaderText, &out.HeaderText + *out = new(string) + **out = **in + } + if in.LogoPath != nil { + in, out := &in.LogoPath, &out.LogoPath + *out = new(string) + **out = **in + } + if in.TextColor != nil { + in, out := &in.TextColor, &out.TextColor + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginDesignInitParameters. +func (in *LoginDesignInitParameters) DeepCopy() *LoginDesignInitParameters { + if in == nil { + return nil + } + out := new(LoginDesignInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoginDesignObservation) DeepCopyInto(out *LoginDesignObservation) { + *out = *in + if in.BackgroundColor != nil { + in, out := &in.BackgroundColor, &out.BackgroundColor + *out = new(string) + **out = **in + } + if in.FooterText != nil { + in, out := &in.FooterText, &out.FooterText + *out = new(string) + **out = **in + } + if in.HeaderText != nil { + in, out := &in.HeaderText, &out.HeaderText + *out = new(string) + **out = **in + } + if in.LogoPath != nil { + in, out := &in.LogoPath, &out.LogoPath + *out = new(string) + **out = **in + } + if in.TextColor != nil { + in, out := &in.TextColor, &out.TextColor + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginDesignObservation. +func (in *LoginDesignObservation) DeepCopy() *LoginDesignObservation { + if in == nil { + return nil + } + out := new(LoginDesignObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoginDesignParameters) DeepCopyInto(out *LoginDesignParameters) { + *out = *in + if in.BackgroundColor != nil { + in, out := &in.BackgroundColor, &out.BackgroundColor + *out = new(string) + **out = **in + } + if in.FooterText != nil { + in, out := &in.FooterText, &out.FooterText + *out = new(string) + **out = **in + } + if in.HeaderText != nil { + in, out := &in.HeaderText, &out.HeaderText + *out = new(string) + **out = **in + } + if in.LogoPath != nil { + in, out := &in.LogoPath, &out.LogoPath + *out = new(string) + **out = **in + } + if in.TextColor != nil { + in, out := &in.TextColor, &out.TextColor + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginDesignParameters. +func (in *LoginDesignParameters) DeepCopy() *LoginDesignParameters { + if in == nil { + return nil + } + out := new(LoginDesignParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificate) DeepCopyInto(out *MutualTLSCertificate) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificate. +func (in *MutualTLSCertificate) DeepCopy() *MutualTLSCertificate { + if in == nil { + return nil + } + out := new(MutualTLSCertificate) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MutualTLSCertificate) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateInitParameters) DeepCopyInto(out *MutualTLSCertificateInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AssociatedHostnames != nil { + in, out := &in.AssociatedHostnames, &out.AssociatedHostnames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateInitParameters. +func (in *MutualTLSCertificateInitParameters) DeepCopy() *MutualTLSCertificateInitParameters { + if in == nil { + return nil + } + out := new(MutualTLSCertificateInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateList) DeepCopyInto(out *MutualTLSCertificateList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MutualTLSCertificate, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateList. +func (in *MutualTLSCertificateList) DeepCopy() *MutualTLSCertificateList { + if in == nil { + return nil + } + out := new(MutualTLSCertificateList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MutualTLSCertificateList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateObservation) DeepCopyInto(out *MutualTLSCertificateObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AssociatedHostnames != nil { + in, out := &in.AssociatedHostnames, &out.AssociatedHostnames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Fingerprint != nil { + in, out := &in.Fingerprint, &out.Fingerprint + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateObservation. +func (in *MutualTLSCertificateObservation) DeepCopy() *MutualTLSCertificateObservation { + if in == nil { + return nil + } + out := new(MutualTLSCertificateObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateParameters) DeepCopyInto(out *MutualTLSCertificateParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AssociatedHostnames != nil { + in, out := &in.AssociatedHostnames, &out.AssociatedHostnames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateParameters. +func (in *MutualTLSCertificateParameters) DeepCopy() *MutualTLSCertificateParameters { + if in == nil { + return nil + } + out := new(MutualTLSCertificateParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateSpec) DeepCopyInto(out *MutualTLSCertificateSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateSpec. +func (in *MutualTLSCertificateSpec) DeepCopy() *MutualTLSCertificateSpec { + if in == nil { + return nil + } + out := new(MutualTLSCertificateSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTLSCertificateStatus) DeepCopyInto(out *MutualTLSCertificateStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateStatus. +func (in *MutualTLSCertificateStatus) DeepCopy() *MutualTLSCertificateStatus { + if in == nil { + return nil + } + out := new(MutualTLSCertificateStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OktaInitParameters) DeepCopyInto(out *OktaInitParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaInitParameters. +func (in *OktaInitParameters) DeepCopy() *OktaInitParameters { + if in == nil { + return nil + } + out := new(OktaInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OktaObservation) DeepCopyInto(out *OktaObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaObservation. +func (in *OktaObservation) DeepCopy() *OktaObservation { + if in == nil { + return nil + } + out := new(OktaObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OktaParameters) DeepCopyInto(out *OktaParameters) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaParameters. +func (in *OktaParameters) DeepCopy() *OktaParameters { + if in == nil { + return nil + } + out := new(OktaParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Organization) DeepCopyInto(out *Organization) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Organization. +func (in *Organization) DeepCopy() *Organization { + if in == nil { + return nil + } + out := new(Organization) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Organization) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationInitParameters) DeepCopyInto(out *OrganizationInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AuthDomain != nil { + in, out := &in.AuthDomain, &out.AuthDomain + *out = new(string) + **out = **in + } + if in.IsUIReadOnly != nil { + in, out := &in.IsUIReadOnly, &out.IsUIReadOnly + *out = new(bool) + **out = **in + } + if in.LoginDesign != nil { + in, out := &in.LoginDesign, &out.LoginDesign + *out = make([]LoginDesignInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationInitParameters. +func (in *OrganizationInitParameters) DeepCopy() *OrganizationInitParameters { + if in == nil { + return nil + } + out := new(OrganizationInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationList) DeepCopyInto(out *OrganizationList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Organization, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationList. +func (in *OrganizationList) DeepCopy() *OrganizationList { + if in == nil { + return nil + } + out := new(OrganizationList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OrganizationList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationObservation) DeepCopyInto(out *OrganizationObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AuthDomain != nil { + in, out := &in.AuthDomain, &out.AuthDomain + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.IsUIReadOnly != nil { + in, out := &in.IsUIReadOnly, &out.IsUIReadOnly + *out = new(bool) + **out = **in + } + if in.LoginDesign != nil { + in, out := &in.LoginDesign, &out.LoginDesign + *out = make([]LoginDesignObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationObservation. +func (in *OrganizationObservation) DeepCopy() *OrganizationObservation { + if in == nil { + return nil + } + out := new(OrganizationObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationParameters) DeepCopyInto(out *OrganizationParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AuthDomain != nil { + in, out := &in.AuthDomain, &out.AuthDomain + *out = new(string) + **out = **in + } + if in.IsUIReadOnly != nil { + in, out := &in.IsUIReadOnly, &out.IsUIReadOnly + *out = new(bool) + **out = **in + } + if in.LoginDesign != nil { + in, out := &in.LoginDesign, &out.LoginDesign + *out = make([]LoginDesignParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) (*in).DeepCopyInto(*out) } - if in.Exclude != nil { - in, out := &in.Exclude, &out.Exclude - *out = make([]ExcludeParameters, len(*in)) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationParameters. +func (in *OrganizationParameters) DeepCopy() *OrganizationParameters { + if in == nil { + return nil + } + out := new(OrganizationParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationSpec) DeepCopyInto(out *OrganizationSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationSpec. +func (in *OrganizationSpec) DeepCopy() *OrganizationSpec { + if in == nil { + return nil + } + out := new(OrganizationSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OrganizationStatus) DeepCopyInto(out *OrganizationStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationStatus. +func (in *OrganizationStatus) DeepCopy() *OrganizationStatus { + if in == nil { + return nil + } + out := new(OrganizationStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Policy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyExcludeInitParameters) DeepCopyInto(out *PolicyExcludeInitParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]ExcludeAzureInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExcludeExternalEvaluationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]ExcludeGithubInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]ExcludeGsuiteInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]ExcludeOktaInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]ExcludeSAMLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyExcludeInitParameters. +func (in *PolicyExcludeInitParameters) DeepCopy() *PolicyExcludeInitParameters { + if in == nil { + return nil + } + out := new(PolicyExcludeInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyExcludeObservation) DeepCopyInto(out *PolicyExcludeObservation) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]ExcludeAzureObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExcludeExternalEvaluationObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Include != nil { - in, out := &in.Include, &out.Include - *out = make([]IncludeParameters, len(*in)) + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]ExcludeGithubObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]ExcludeGsuiteObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]ExcludeOktaObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]ExcludeSAMLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyExcludeObservation. +func (in *PolicyExcludeObservation) DeepCopy() *PolicyExcludeObservation { + if in == nil { + return nil + } + out := new(PolicyExcludeObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]ExcludeAzureParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]ExcludeExternalEvaluationParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]ExcludeGithubParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]ExcludeGsuiteParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]ExcludeOktaParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Name != nil { - in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.Require != nil { - in, out := &in.Require, &out.Require - *out = make([]RequireParameters, len(*in)) + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]ExcludeSAMLParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID - *out = new(string) - **out = **in - } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupParameters. -func (in *GroupParameters) DeepCopy() *GroupParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyExcludeParameters. +func (in *PolicyExcludeParameters) DeepCopy() *PolicyExcludeParameters { if in == nil { return nil } - out := new(GroupParameters) + out := new(PolicyExcludeParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GroupSpec) DeepCopyInto(out *GroupSpec) { +func (in *PolicyIncludeAzureInitParameters) DeepCopyInto(out *PolicyIncludeAzureInitParameters) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec. -func (in *GroupSpec) DeepCopy() *GroupSpec { - if in == nil { - return nil + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - out := new(GroupSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GroupStatus) DeepCopyInto(out *GroupStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupStatus. -func (in *GroupStatus) DeepCopy() *GroupStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeAzureInitParameters. +func (in *PolicyIncludeAzureInitParameters) DeepCopy() *PolicyIncludeAzureInitParameters { if in == nil { return nil } - out := new(GroupStatus) + out := new(PolicyIncludeAzureInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GsuiteObservation) DeepCopyInto(out *GsuiteObservation) { +func (in *PolicyIncludeAzureObservation) DeepCopyInto(out *PolicyIncludeAzureObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsuiteObservation. -func (in *GsuiteObservation) DeepCopy() *GsuiteObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeAzureObservation. +func (in *PolicyIncludeAzureObservation) DeepCopy() *PolicyIncludeAzureObservation { if in == nil { return nil } - out := new(GsuiteObservation) + out := new(PolicyIncludeAzureObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GsuiteParameters) DeepCopyInto(out *GsuiteParameters) { +func (in *PolicyIncludeAzureParameters) DeepCopyInto(out *PolicyIncludeAzureParameters) { *out = *in - if in.Email != nil { - in, out := &in.Email, &out.Email + if in.ID != nil { + in, out := &in.ID, &out.ID *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1769,211 +6469,266 @@ func (in *GsuiteParameters) DeepCopyInto(out *GsuiteParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsuiteParameters. -func (in *GsuiteParameters) DeepCopy() *GsuiteParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeAzureParameters. +func (in *PolicyIncludeAzureParameters) DeepCopy() *PolicyIncludeAzureParameters { if in == nil { return nil } - out := new(GsuiteParameters) + out := new(PolicyIncludeAzureParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider) { +func (in *PolicyIncludeExternalEvaluationInitParameters) DeepCopyInto(out *PolicyIncludeExternalEvaluationInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider. -func (in *IdentityProvider) DeepCopy() *IdentityProvider { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeExternalEvaluationInitParameters. +func (in *PolicyIncludeExternalEvaluationInitParameters) DeepCopy() *PolicyIncludeExternalEvaluationInitParameters { if in == nil { return nil } - out := new(IdentityProvider) + out := new(PolicyIncludeExternalEvaluationInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IdentityProvider) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProviderList) DeepCopyInto(out *IdentityProviderList) { +func (in *PolicyIncludeExternalEvaluationObservation) DeepCopyInto(out *PolicyIncludeExternalEvaluationObservation) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]IdentityProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderList. -func (in *IdentityProviderList) DeepCopy() *IdentityProviderList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeExternalEvaluationObservation. +func (in *PolicyIncludeExternalEvaluationObservation) DeepCopy() *PolicyIncludeExternalEvaluationObservation { if in == nil { return nil } - out := new(IdentityProviderList) + out := new(PolicyIncludeExternalEvaluationObservation) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IdentityProviderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProviderObservation) DeepCopyInto(out *IdentityProviderObservation) { +func (in *PolicyIncludeExternalEvaluationParameters) DeepCopyInto(out *PolicyIncludeExternalEvaluationParameters) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderObservation. -func (in *IdentityProviderObservation) DeepCopy() *IdentityProviderObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeExternalEvaluationParameters. +func (in *PolicyIncludeExternalEvaluationParameters) DeepCopy() *PolicyIncludeExternalEvaluationParameters { if in == nil { return nil } - out := new(IdentityProviderObservation) + out := new(PolicyIncludeExternalEvaluationParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProviderParameters) DeepCopyInto(out *IdentityProviderParameters) { +func (in *PolicyIncludeGithubInitParameters) DeepCopyInto(out *PolicyIncludeGithubInitParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.Config != nil { - in, out := &in.Config, &out.Config - *out = make([]ConfigParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } if in.Name != nil { in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.Type != nil { - in, out := &in.Type, &out.Type + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGithubInitParameters. +func (in *PolicyIncludeGithubInitParameters) DeepCopy() *PolicyIncludeGithubInitParameters { + if in == nil { + return nil + } + out := new(PolicyIncludeGithubInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyIncludeGithubObservation) DeepCopyInto(out *PolicyIncludeGithubObservation) { + *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderParameters. -func (in *IdentityProviderParameters) DeepCopy() *IdentityProviderParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGithubObservation. +func (in *PolicyIncludeGithubObservation) DeepCopy() *PolicyIncludeGithubObservation { if in == nil { return nil } - out := new(IdentityProviderParameters) + out := new(PolicyIncludeGithubObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProviderSpec) DeepCopyInto(out *IdentityProviderSpec) { +func (in *PolicyIncludeGithubParameters) DeepCopyInto(out *PolicyIncludeGithubParameters) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderSpec. -func (in *IdentityProviderSpec) DeepCopy() *IdentityProviderSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGithubParameters. +func (in *PolicyIncludeGithubParameters) DeepCopy() *PolicyIncludeGithubParameters { if in == nil { return nil } - out := new(IdentityProviderSpec) + out := new(PolicyIncludeGithubParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IdentityProviderStatus) DeepCopyInto(out *IdentityProviderStatus) { +func (in *PolicyIncludeGsuiteInitParameters) DeepCopyInto(out *PolicyIncludeGsuiteInitParameters) { *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderStatus. -func (in *IdentityProviderStatus) DeepCopy() *IdentityProviderStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGsuiteInitParameters. +func (in *PolicyIncludeGsuiteInitParameters) DeepCopy() *PolicyIncludeGsuiteInitParameters { if in == nil { return nil } - out := new(IdentityProviderStatus) + out := new(PolicyIncludeGsuiteInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeAzureObservation) DeepCopyInto(out *IncludeAzureObservation) { +func (in *PolicyIncludeGsuiteObservation) DeepCopyInto(out *PolicyIncludeGsuiteObservation) { *out = *in + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeAzureObservation. -func (in *IncludeAzureObservation) DeepCopy() *IncludeAzureObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGsuiteObservation. +func (in *PolicyIncludeGsuiteObservation) DeepCopy() *PolicyIncludeGsuiteObservation { if in == nil { return nil } - out := new(IncludeAzureObservation) + out := new(PolicyIncludeGsuiteObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeAzureParameters) DeepCopyInto(out *IncludeAzureParameters) { +func (in *PolicyIncludeGsuiteParameters) DeepCopyInto(out *PolicyIncludeGsuiteParameters) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.Email != nil { + in, out := &in.Email, &out.Email *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1990,86 +6745,218 @@ func (in *IncludeAzureParameters) DeepCopyInto(out *IncludeAzureParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeAzureParameters. -func (in *IncludeAzureParameters) DeepCopy() *IncludeAzureParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGsuiteParameters. +func (in *PolicyIncludeGsuiteParameters) DeepCopy() *PolicyIncludeGsuiteParameters { if in == nil { return nil } - out := new(IncludeAzureParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeExternalEvaluationObservation) DeepCopyInto(out *IncludeExternalEvaluationObservation) { - *out = *in + out := new(PolicyIncludeGsuiteParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyIncludeInitParameters) DeepCopyInto(out *PolicyIncludeInitParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]PolicyIncludeAzureInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]PolicyIncludeExternalEvaluationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]PolicyIncludeGithubInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]PolicyIncludeGsuiteInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]PolicyIncludeOktaInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]PolicyIncludeSAMLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeExternalEvaluationObservation. -func (in *IncludeExternalEvaluationObservation) DeepCopy() *IncludeExternalEvaluationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeInitParameters. +func (in *PolicyIncludeInitParameters) DeepCopy() *PolicyIncludeInitParameters { if in == nil { return nil } - out := new(IncludeExternalEvaluationObservation) + out := new(PolicyIncludeInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeExternalEvaluationParameters) DeepCopyInto(out *IncludeExternalEvaluationParameters) { +func (in *PolicyIncludeObservation) DeepCopyInto(out *PolicyIncludeObservation) { *out = *in - if in.EvaluateURL != nil { - in, out := &in.EvaluateURL, &out.EvaluateURL - *out = new(string) + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) **out = **in } - if in.KeysURL != nil { - in, out := &in.KeysURL, &out.KeysURL + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeExternalEvaluationParameters. -func (in *IncludeExternalEvaluationParameters) DeepCopy() *IncludeExternalEvaluationParameters { - if in == nil { - return nil - } - out := new(IncludeExternalEvaluationParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeGithubObservation) DeepCopyInto(out *IncludeGithubObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGithubObservation. -func (in *IncludeGithubObservation) DeepCopy() *IncludeGithubObservation { - if in == nil { - return nil + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]PolicyIncludeAzureObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(IncludeGithubObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeGithubParameters) DeepCopyInto(out *IncludeGithubParameters) { - *out = *in - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) **out = **in } - if in.Name != nil { - in, out := &in.Name, &out.Name + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName *out = new(string) **out = **in } - if in.Teams != nil { - in, out := &in.Teams, &out.Teams + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -2079,36 +6966,6 @@ func (in *IncludeGithubParameters) DeepCopyInto(out *IncludeGithubParameters) { } } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGithubParameters. -func (in *IncludeGithubParameters) DeepCopy() *IncludeGithubParameters { - if in == nil { - return nil - } - out := new(IncludeGithubParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeGsuiteObservation) DeepCopyInto(out *IncludeGsuiteObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGsuiteObservation. -func (in *IncludeGsuiteObservation) DeepCopy() *IncludeGsuiteObservation { - if in == nil { - return nil - } - out := new(IncludeGsuiteObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeGsuiteParameters) DeepCopyInto(out *IncludeGsuiteParameters) { - *out = *in if in.Email != nil { in, out := &in.Email, &out.Email *out = make([]*string, len(*in)) @@ -2120,55 +6977,188 @@ func (in *IncludeGsuiteParameters) DeepCopyInto(out *IncludeGsuiteParameters) { } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) **out = **in } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]PolicyIncludeExternalEvaluationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]PolicyIncludeGithubObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]PolicyIncludeGsuiteObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]PolicyIncludeOktaObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]PolicyIncludeSAMLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeGsuiteParameters. -func (in *IncludeGsuiteParameters) DeepCopy() *IncludeGsuiteParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeObservation. +func (in *PolicyIncludeObservation) DeepCopy() *PolicyIncludeObservation { if in == nil { return nil } - out := new(IncludeGsuiteParameters) + out := new(PolicyIncludeObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeObservation) DeepCopyInto(out *IncludeObservation) { +func (in *PolicyIncludeOktaInitParameters) DeepCopyInto(out *PolicyIncludeOktaInitParameters) { *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeObservation. -func (in *IncludeObservation) DeepCopy() *IncludeObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeOktaInitParameters. +func (in *PolicyIncludeOktaInitParameters) DeepCopy() *PolicyIncludeOktaInitParameters { if in == nil { return nil } - out := new(IncludeObservation) + out := new(PolicyIncludeOktaInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeOktaObservation) DeepCopyInto(out *IncludeOktaObservation) { +func (in *PolicyIncludeOktaObservation) DeepCopyInto(out *PolicyIncludeOktaObservation) { *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeOktaObservation. -func (in *IncludeOktaObservation) DeepCopy() *IncludeOktaObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeOktaObservation. +func (in *PolicyIncludeOktaObservation) DeepCopy() *PolicyIncludeOktaObservation { if in == nil { return nil } - out := new(IncludeOktaObservation) + out := new(PolicyIncludeOktaObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeOktaParameters) DeepCopyInto(out *IncludeOktaParameters) { +func (in *PolicyIncludeOktaParameters) DeepCopyInto(out *PolicyIncludeOktaParameters) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -2188,18 +7178,18 @@ func (in *IncludeOktaParameters) DeepCopyInto(out *IncludeOktaParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeOktaParameters. -func (in *IncludeOktaParameters) DeepCopy() *IncludeOktaParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeOktaParameters. +func (in *PolicyIncludeOktaParameters) DeepCopy() *PolicyIncludeOktaParameters { if in == nil { return nil } - out := new(IncludeOktaParameters) + out := new(PolicyIncludeOktaParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { +func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { *out = *in if in.AnyValidServiceToken != nil { in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken @@ -2213,7 +7203,7 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } if in.Azure != nil { in, out := &in.Azure, &out.Azure - *out = make([]IncludeAzureParameters, len(*in)) + *out = make([]PolicyIncludeAzureParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2268,7 +7258,7 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } if in.ExternalEvaluation != nil { in, out := &in.ExternalEvaluation, &out.ExternalEvaluation - *out = make([]IncludeExternalEvaluationParameters, len(*in)) + *out = make([]PolicyIncludeExternalEvaluationParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2286,7 +7276,7 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } if in.Github != nil { in, out := &in.Github, &out.Github - *out = make([]IncludeGithubParameters, len(*in)) + *out = make([]PolicyIncludeGithubParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2304,7 +7294,7 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } if in.Gsuite != nil { in, out := &in.Gsuite, &out.Gsuite - *out = make([]IncludeGsuiteParameters, len(*in)) + *out = make([]PolicyIncludeGsuiteParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2333,14 +7323,14 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } if in.Okta != nil { in, out := &in.Okta, &out.Okta - *out = make([]IncludeOktaParameters, len(*in)) + *out = make([]PolicyIncludeOktaParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.SAML != nil { in, out := &in.SAML, &out.SAML - *out = make([]IncludeSAMLParameters, len(*in)) + *out = make([]PolicyIncludeSAMLParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2358,33 +7348,48 @@ func (in *IncludeParameters) DeepCopyInto(out *IncludeParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParameters. -func (in *IncludeParameters) DeepCopy() *IncludeParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeParameters. +func (in *PolicyIncludeParameters) DeepCopy() *PolicyIncludeParameters { if in == nil { return nil } - out := new(IncludeParameters) + out := new(PolicyIncludeParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeSAMLObservation) DeepCopyInto(out *IncludeSAMLObservation) { +func (in *PolicyIncludeSAMLInitParameters) DeepCopyInto(out *PolicyIncludeSAMLInitParameters) { *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeSAMLObservation. -func (in *IncludeSAMLObservation) DeepCopy() *IncludeSAMLObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeSAMLInitParameters. +func (in *PolicyIncludeSAMLInitParameters) DeepCopy() *PolicyIncludeSAMLInitParameters { if in == nil { return nil } - out := new(IncludeSAMLObservation) + out := new(PolicyIncludeSAMLInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IncludeSAMLParameters) DeepCopyInto(out *IncludeSAMLParameters) { +func (in *PolicyIncludeSAMLObservation) DeepCopyInto(out *PolicyIncludeSAMLObservation) { *out = *in if in.AttributeName != nil { in, out := &in.AttributeName, &out.AttributeName @@ -2403,37 +7408,190 @@ func (in *IncludeSAMLParameters) DeepCopyInto(out *IncludeSAMLParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeSAMLParameters. -func (in *IncludeSAMLParameters) DeepCopy() *IncludeSAMLParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeSAMLObservation. +func (in *PolicyIncludeSAMLObservation) DeepCopy() *PolicyIncludeSAMLObservation { if in == nil { return nil } - out := new(IncludeSAMLParameters) + out := new(PolicyIncludeSAMLObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfiguration) DeepCopyInto(out *KeysConfiguration) { +func (in *PolicyIncludeSAMLParameters) DeepCopyInto(out *PolicyIncludeSAMLParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeSAMLParameters. +func (in *PolicyIncludeSAMLParameters) DeepCopy() *PolicyIncludeSAMLParameters { + if in == nil { + return nil + } + out := new(PolicyIncludeSAMLParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyInitParameters) DeepCopyInto(out *PolicyInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ApplicationID != nil { + in, out := &in.ApplicationID, &out.ApplicationID + *out = new(string) + **out = **in + } + if in.ApplicationIDRef != nil { + in, out := &in.ApplicationIDRef, &out.ApplicationIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ApplicationIDSelector != nil { + in, out := &in.ApplicationIDSelector, &out.ApplicationIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ApprovalGroup != nil { + in, out := &in.ApprovalGroup, &out.ApprovalGroup + *out = make([]ApprovalGroupInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ApprovalRequired != nil { + in, out := &in.ApprovalRequired, &out.ApprovalRequired + *out = new(bool) + **out = **in + } + if in.Decision != nil { + in, out := &in.Decision, &out.Decision + *out = new(string) + **out = **in + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]PolicyExcludeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]PolicyIncludeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in + } + if in.PurposeJustificationPrompt != nil { + in, out := &in.PurposeJustificationPrompt, &out.PurposeJustificationPrompt + *out = new(string) + **out = **in + } + if in.PurposeJustificationRequired != nil { + in, out := &in.PurposeJustificationRequired, &out.PurposeJustificationRequired + *out = new(bool) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]PolicyRequireInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyInitParameters. +func (in *PolicyInitParameters) DeepCopy() *PolicyInitParameters { + if in == nil { + return nil + } + out := new(PolicyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyList) DeepCopyInto(out *PolicyList) { *out = *in out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Policy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfiguration. -func (in *KeysConfiguration) DeepCopy() *KeysConfiguration { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList. +func (in *PolicyList) DeepCopy() *PolicyList { if in == nil { return nil } - out := new(KeysConfiguration) + out := new(PolicyList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *KeysConfiguration) DeepCopyObject() runtime.Object { +func (in *PolicyList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -2441,59 +7599,100 @@ func (in *KeysConfiguration) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfigurationList) DeepCopyInto(out *KeysConfigurationList) { +func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]KeysConfiguration, len(*in)) + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.ApplicationID != nil { + in, out := &in.ApplicationID, &out.ApplicationID + *out = new(string) + **out = **in + } + if in.ApprovalGroup != nil { + in, out := &in.ApprovalGroup, &out.ApprovalGroup + *out = make([]ApprovalGroupObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ApprovalRequired != nil { + in, out := &in.ApprovalRequired, &out.ApprovalRequired + *out = new(bool) + **out = **in + } + if in.Decision != nil { + in, out := &in.Decision, &out.Decision + *out = new(string) + **out = **in + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]PolicyExcludeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]PolicyIncludeObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationList. -func (in *KeysConfigurationList) DeepCopy() *KeysConfigurationList { - if in == nil { - return nil + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in } - out := new(KeysConfigurationList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *KeysConfigurationList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfigurationObservation) DeepCopyInto(out *KeysConfigurationObservation) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.PurposeJustificationPrompt != nil { + in, out := &in.PurposeJustificationPrompt, &out.PurposeJustificationPrompt + *out = new(string) + **out = **in + } + if in.PurposeJustificationRequired != nil { + in, out := &in.PurposeJustificationRequired, &out.PurposeJustificationRequired + *out = new(bool) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]PolicyRequireObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationObservation. -func (in *KeysConfigurationObservation) DeepCopy() *KeysConfigurationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyObservation. +func (in *PolicyObservation) DeepCopy() *PolicyObservation { if in == nil { return nil } - out := new(KeysConfigurationObservation) + out := new(PolicyObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfigurationParameters) DeepCopyInto(out *KeysConfigurationParameters) { +func (in *PolicyParameters) DeepCopyInto(out *PolicyParameters) { *out = *in if in.AccountID != nil { in, out := &in.AccountID, &out.AccountID @@ -2510,216 +7709,173 @@ func (in *KeysConfigurationParameters) DeepCopyInto(out *KeysConfigurationParame *out = new(v1.Selector) (*in).DeepCopyInto(*out) } - if in.KeyRotationIntervalDays != nil { - in, out := &in.KeyRotationIntervalDays, &out.KeyRotationIntervalDays - *out = new(float64) + if in.ApplicationID != nil { + in, out := &in.ApplicationID, &out.ApplicationID + *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationParameters. -func (in *KeysConfigurationParameters) DeepCopy() *KeysConfigurationParameters { - if in == nil { - return nil + if in.ApplicationIDRef != nil { + in, out := &in.ApplicationIDRef, &out.ApplicationIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) } - out := new(KeysConfigurationParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfigurationSpec) DeepCopyInto(out *KeysConfigurationSpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationSpec. -func (in *KeysConfigurationSpec) DeepCopy() *KeysConfigurationSpec { - if in == nil { - return nil + if in.ApplicationIDSelector != nil { + in, out := &in.ApplicationIDSelector, &out.ApplicationIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) } - out := new(KeysConfigurationSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeysConfigurationStatus) DeepCopyInto(out *KeysConfigurationStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysConfigurationStatus. -func (in *KeysConfigurationStatus) DeepCopy() *KeysConfigurationStatus { - if in == nil { - return nil + if in.ApprovalGroup != nil { + in, out := &in.ApprovalGroup, &out.ApprovalGroup + *out = make([]ApprovalGroupParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(KeysConfigurationStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoginDesignObservation) DeepCopyInto(out *LoginDesignObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginDesignObservation. -func (in *LoginDesignObservation) DeepCopy() *LoginDesignObservation { - if in == nil { - return nil + if in.ApprovalRequired != nil { + in, out := &in.ApprovalRequired, &out.ApprovalRequired + *out = new(bool) + **out = **in } - out := new(LoginDesignObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoginDesignParameters) DeepCopyInto(out *LoginDesignParameters) { - *out = *in - if in.BackgroundColor != nil { - in, out := &in.BackgroundColor, &out.BackgroundColor + if in.Decision != nil { + in, out := &in.Decision, &out.Decision *out = new(string) **out = **in } - if in.FooterText != nil { - in, out := &in.FooterText, &out.FooterText + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]PolicyExcludeParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]PolicyIncludeParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.HeaderText != nil { - in, out := &in.HeaderText, &out.HeaderText - *out = new(string) + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) **out = **in } - if in.LogoPath != nil { - in, out := &in.LogoPath, &out.LogoPath + if in.PurposeJustificationPrompt != nil { + in, out := &in.PurposeJustificationPrompt, &out.PurposeJustificationPrompt *out = new(string) **out = **in } - if in.TextColor != nil { - in, out := &in.TextColor, &out.TextColor + if in.PurposeJustificationRequired != nil { + in, out := &in.PurposeJustificationRequired, &out.PurposeJustificationRequired + *out = new(bool) + **out = **in + } + if in.Require != nil { + in, out := &in.Require, &out.Require + *out = make([]PolicyRequireParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginDesignParameters. -func (in *LoginDesignParameters) DeepCopy() *LoginDesignParameters { - if in == nil { - return nil + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) } - out := new(LoginDesignParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificate) DeepCopyInto(out *MutualTLSCertificate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificate. -func (in *MutualTLSCertificate) DeepCopy() *MutualTLSCertificate { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyParameters. +func (in *PolicyParameters) DeepCopy() *PolicyParameters { if in == nil { return nil } - out := new(MutualTLSCertificate) + out := new(PolicyParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MutualTLSCertificate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificateList) DeepCopyInto(out *MutualTLSCertificateList) { +func (in *PolicyRequireAzureInitParameters) DeepCopyInto(out *PolicyRequireAzureInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]MutualTLSCertificate, len(*in)) + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateList. -func (in *MutualTLSCertificateList) DeepCopy() *MutualTLSCertificateList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireAzureInitParameters. +func (in *PolicyRequireAzureInitParameters) DeepCopy() *PolicyRequireAzureInitParameters { if in == nil { return nil } - out := new(MutualTLSCertificateList) + out := new(PolicyRequireAzureInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MutualTLSCertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificateObservation) DeepCopyInto(out *MutualTLSCertificateObservation) { +func (in *PolicyRequireAzureObservation) DeepCopyInto(out *PolicyRequireAzureObservation) { *out = *in - if in.Fingerprint != nil { - in, out := &in.Fingerprint, &out.Fingerprint - *out = new(string) - **out = **in - } if in.ID != nil { in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateObservation. -func (in *MutualTLSCertificateObservation) DeepCopy() *MutualTLSCertificateObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireAzureObservation. +func (in *PolicyRequireAzureObservation) DeepCopy() *PolicyRequireAzureObservation { if in == nil { return nil } - out := new(MutualTLSCertificateObservation) + out := new(PolicyRequireAzureObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificateParameters) DeepCopyInto(out *MutualTLSCertificateParameters) { +func (in *PolicyRequireAzureParameters) DeepCopyInto(out *PolicyRequireAzureParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID - *out = new(string) - **out = **in - } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.AssociatedHostnames != nil { - in, out := &in.AssociatedHostnames, &out.AssociatedHostnames + if in.ID != nil { + in, out := &in.ID, &out.ID *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -2729,94 +7885,100 @@ func (in *MutualTLSCertificateParameters) DeepCopyInto(out *MutualTLSCertificate } } } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = new(string) - **out = **in - } - if in.Name != nil { - in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateParameters. -func (in *MutualTLSCertificateParameters) DeepCopy() *MutualTLSCertificateParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireAzureParameters. +func (in *PolicyRequireAzureParameters) DeepCopy() *PolicyRequireAzureParameters { if in == nil { return nil } - out := new(MutualTLSCertificateParameters) + out := new(PolicyRequireAzureParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificateSpec) DeepCopyInto(out *MutualTLSCertificateSpec) { +func (in *PolicyRequireExternalEvaluationInitParameters) DeepCopyInto(out *PolicyRequireExternalEvaluationInitParameters) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateSpec. -func (in *MutualTLSCertificateSpec) DeepCopy() *MutualTLSCertificateSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireExternalEvaluationInitParameters. +func (in *PolicyRequireExternalEvaluationInitParameters) DeepCopy() *PolicyRequireExternalEvaluationInitParameters { if in == nil { return nil } - out := new(MutualTLSCertificateSpec) + out := new(PolicyRequireExternalEvaluationInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MutualTLSCertificateStatus) DeepCopyInto(out *MutualTLSCertificateStatus) { +func (in *PolicyRequireExternalEvaluationObservation) DeepCopyInto(out *PolicyRequireExternalEvaluationObservation) { *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTLSCertificateStatus. -func (in *MutualTLSCertificateStatus) DeepCopy() *MutualTLSCertificateStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireExternalEvaluationObservation. +func (in *PolicyRequireExternalEvaluationObservation) DeepCopy() *PolicyRequireExternalEvaluationObservation { if in == nil { return nil } - out := new(MutualTLSCertificateStatus) + out := new(PolicyRequireExternalEvaluationObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OktaObservation) DeepCopyInto(out *OktaObservation) { +func (in *PolicyRequireExternalEvaluationParameters) DeepCopyInto(out *PolicyRequireExternalEvaluationParameters) { *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaObservation. -func (in *OktaObservation) DeepCopy() *OktaObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireExternalEvaluationParameters. +func (in *PolicyRequireExternalEvaluationParameters) DeepCopy() *PolicyRequireExternalEvaluationParameters { if in == nil { return nil } - out := new(OktaObservation) + out := new(PolicyRequireExternalEvaluationParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OktaParameters) DeepCopyInto(out *OktaParameters) { +func (in *PolicyRequireGithubInitParameters) DeepCopyInto(out *PolicyRequireGithubInitParameters) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -2825,6 +7987,11 @@ func (in *OktaParameters) DeepCopyInto(out *OktaParameters) { } if in.Name != nil { in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -2836,240 +8003,353 @@ func (in *OktaParameters) DeepCopyInto(out *OktaParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OktaParameters. -func (in *OktaParameters) DeepCopy() *OktaParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGithubInitParameters. +func (in *PolicyRequireGithubInitParameters) DeepCopy() *PolicyRequireGithubInitParameters { if in == nil { return nil } - out := new(OktaParameters) + out := new(PolicyRequireGithubInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Organization) DeepCopyInto(out *Organization) { +func (in *PolicyRequireGithubObservation) DeepCopyInto(out *PolicyRequireGithubObservation) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Organization. -func (in *Organization) DeepCopy() *Organization { - if in == nil { - return nil + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - out := new(Organization) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Organization) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrganizationList) DeepCopyInto(out *OrganizationList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Organization, len(*in)) + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationList. -func (in *OrganizationList) DeepCopy() *OrganizationList { - if in == nil { - return nil - } - out := new(OrganizationList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OrganizationList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrganizationObservation) DeepCopyInto(out *OrganizationObservation) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationObservation. -func (in *OrganizationObservation) DeepCopy() *OrganizationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGithubObservation. +func (in *PolicyRequireGithubObservation) DeepCopy() *PolicyRequireGithubObservation { if in == nil { return nil } - out := new(OrganizationObservation) + out := new(PolicyRequireGithubObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrganizationParameters) DeepCopyInto(out *OrganizationParameters) { +func (in *PolicyRequireGithubParameters) DeepCopyInto(out *PolicyRequireGithubParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID - *out = new(string) - **out = **in - } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.AuthDomain != nil { - in, out := &in.AuthDomain, &out.AuthDomain + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.IsUIReadOnly != nil { - in, out := &in.IsUIReadOnly, &out.IsUIReadOnly - *out = new(bool) - **out = **in - } - if in.LoginDesign != nil { - in, out := &in.LoginDesign, &out.LoginDesign - *out = make([]LoginDesignParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } if in.Name != nil { in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID - *out = new(string) - **out = **in - } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationParameters. -func (in *OrganizationParameters) DeepCopy() *OrganizationParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGithubParameters. +func (in *PolicyRequireGithubParameters) DeepCopy() *PolicyRequireGithubParameters { if in == nil { return nil } - out := new(OrganizationParameters) + out := new(PolicyRequireGithubParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrganizationSpec) DeepCopyInto(out *OrganizationSpec) { +func (in *PolicyRequireGsuiteInitParameters) DeepCopyInto(out *PolicyRequireGsuiteInitParameters) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationSpec. -func (in *OrganizationSpec) DeepCopy() *OrganizationSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGsuiteInitParameters. +func (in *PolicyRequireGsuiteInitParameters) DeepCopy() *PolicyRequireGsuiteInitParameters { if in == nil { return nil } - out := new(OrganizationSpec) + out := new(PolicyRequireGsuiteInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrganizationStatus) DeepCopyInto(out *OrganizationStatus) { +func (in *PolicyRequireGsuiteObservation) DeepCopyInto(out *PolicyRequireGsuiteObservation) { *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationStatus. -func (in *OrganizationStatus) DeepCopy() *OrganizationStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGsuiteObservation. +func (in *PolicyRequireGsuiteObservation) DeepCopy() *PolicyRequireGsuiteObservation { if in == nil { return nil } - out := new(OrganizationStatus) + out := new(PolicyRequireGsuiteObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Policy) DeepCopyInto(out *Policy) { +func (in *PolicyRequireGsuiteParameters) DeepCopyInto(out *PolicyRequireGsuiteParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. -func (in *Policy) DeepCopy() *Policy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGsuiteParameters. +func (in *PolicyRequireGsuiteParameters) DeepCopy() *PolicyRequireGsuiteParameters { if in == nil { return nil } - out := new(Policy) + out := new(PolicyRequireGsuiteParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Policy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyRequireInitParameters) DeepCopyInto(out *PolicyRequireInitParameters) { + *out = *in + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in + } + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod + *out = new(string) + **out = **in + } + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]PolicyRequireAzureInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) + **out = **in + } + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) + **out = **in + } + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]PolicyRequireExternalEvaluationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]PolicyRequireGithubInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]PolicyRequireGsuiteInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]PolicyRequireOktaInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]PolicyRequireSAMLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyExcludeObservation) DeepCopyInto(out *PolicyExcludeObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyExcludeObservation. -func (in *PolicyExcludeObservation) DeepCopy() *PolicyExcludeObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireInitParameters. +func (in *PolicyRequireInitParameters) DeepCopy() *PolicyRequireInitParameters { if in == nil { return nil } - out := new(PolicyExcludeObservation) + out := new(PolicyRequireInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { +func (in *PolicyRequireObservation) DeepCopyInto(out *PolicyRequireObservation) { *out = *in if in.AnyValidServiceToken != nil { in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken @@ -3083,7 +8363,7 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } if in.Azure != nil { in, out := &in.Azure, &out.Azure - *out = make([]ExcludeAzureParameters, len(*in)) + *out = make([]PolicyRequireAzureObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3138,7 +8418,7 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } if in.ExternalEvaluation != nil { in, out := &in.ExternalEvaluation, &out.ExternalEvaluation - *out = make([]ExcludeExternalEvaluationParameters, len(*in)) + *out = make([]PolicyRequireExternalEvaluationObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3156,7 +8436,7 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } if in.Github != nil { in, out := &in.Github, &out.Github - *out = make([]ExcludeGithubParameters, len(*in)) + *out = make([]PolicyRequireGithubObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3174,7 +8454,7 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } if in.Gsuite != nil { in, out := &in.Gsuite, &out.Gsuite - *out = make([]ExcludeGsuiteParameters, len(*in)) + *out = make([]PolicyRequireGsuiteObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3203,14 +8483,14 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } if in.Okta != nil { in, out := &in.Okta, &out.Okta - *out = make([]ExcludeOktaParameters, len(*in)) + *out = make([]PolicyRequireOktaObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.SAML != nil { in, out := &in.SAML, &out.SAML - *out = make([]ExcludeSAMLParameters, len(*in)) + *out = make([]PolicyRequireSAMLObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3228,119 +8508,18 @@ func (in *PolicyExcludeParameters) DeepCopyInto(out *PolicyExcludeParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyExcludeParameters. -func (in *PolicyExcludeParameters) DeepCopy() *PolicyExcludeParameters { - if in == nil { - return nil - } - out := new(PolicyExcludeParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeAzureObservation) DeepCopyInto(out *PolicyIncludeAzureObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeAzureObservation. -func (in *PolicyIncludeAzureObservation) DeepCopy() *PolicyIncludeAzureObservation { - if in == nil { - return nil - } - out := new(PolicyIncludeAzureObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeAzureParameters) DeepCopyInto(out *PolicyIncludeAzureParameters) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } - } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeAzureParameters. -func (in *PolicyIncludeAzureParameters) DeepCopy() *PolicyIncludeAzureParameters { - if in == nil { - return nil - } - out := new(PolicyIncludeAzureParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeExternalEvaluationObservation) DeepCopyInto(out *PolicyIncludeExternalEvaluationObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeExternalEvaluationObservation. -func (in *PolicyIncludeExternalEvaluationObservation) DeepCopy() *PolicyIncludeExternalEvaluationObservation { - if in == nil { - return nil - } - out := new(PolicyIncludeExternalEvaluationObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeExternalEvaluationParameters) DeepCopyInto(out *PolicyIncludeExternalEvaluationParameters) { - *out = *in - if in.EvaluateURL != nil { - in, out := &in.EvaluateURL, &out.EvaluateURL - *out = new(string) - **out = **in - } - if in.KeysURL != nil { - in, out := &in.KeysURL, &out.KeysURL - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeExternalEvaluationParameters. -func (in *PolicyIncludeExternalEvaluationParameters) DeepCopy() *PolicyIncludeExternalEvaluationParameters { - if in == nil { - return nil - } - out := new(PolicyIncludeExternalEvaluationParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeGithubObservation) DeepCopyInto(out *PolicyIncludeGithubObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGithubObservation. -func (in *PolicyIncludeGithubObservation) DeepCopy() *PolicyIncludeGithubObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireObservation. +func (in *PolicyRequireObservation) DeepCopy() *PolicyRequireObservation { if in == nil { return nil } - out := new(PolicyIncludeGithubObservation) + out := new(PolicyRequireObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeGithubParameters) DeepCopyInto(out *PolicyIncludeGithubParameters) { +func (in *PolicyRequireOktaInitParameters) DeepCopyInto(out *PolicyRequireOktaInitParameters) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -3349,11 +8528,6 @@ func (in *PolicyIncludeGithubParameters) DeepCopyInto(out *PolicyIncludeGithubPa } if in.Name != nil { in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.Teams != nil { - in, out := &in.Teams, &out.Teams *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -3365,36 +8539,26 @@ func (in *PolicyIncludeGithubParameters) DeepCopyInto(out *PolicyIncludeGithubPa } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGithubParameters. -func (in *PolicyIncludeGithubParameters) DeepCopy() *PolicyIncludeGithubParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireOktaInitParameters. +func (in *PolicyRequireOktaInitParameters) DeepCopy() *PolicyRequireOktaInitParameters { if in == nil { return nil } - out := new(PolicyIncludeGithubParameters) + out := new(PolicyRequireOktaInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeGsuiteObservation) DeepCopyInto(out *PolicyIncludeGsuiteObservation) { +func (in *PolicyRequireOktaObservation) DeepCopyInto(out *PolicyRequireOktaObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGsuiteObservation. -func (in *PolicyIncludeGsuiteObservation) DeepCopy() *PolicyIncludeGsuiteObservation { - if in == nil { - return nil + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - out := new(PolicyIncludeGsuiteObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeGsuiteParameters) DeepCopyInto(out *PolicyIncludeGsuiteParameters) { - *out = *in - if in.Email != nil { - in, out := &in.Email, &out.Email + if in.Name != nil { + in, out := &in.Name, &out.Name *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -3404,55 +8568,20 @@ func (in *PolicyIncludeGsuiteParameters) DeepCopyInto(out *PolicyIncludeGsuitePa } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeGsuiteParameters. -func (in *PolicyIncludeGsuiteParameters) DeepCopy() *PolicyIncludeGsuiteParameters { - if in == nil { - return nil - } - out := new(PolicyIncludeGsuiteParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeObservation) DeepCopyInto(out *PolicyIncludeObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeObservation. -func (in *PolicyIncludeObservation) DeepCopy() *PolicyIncludeObservation { - if in == nil { - return nil - } - out := new(PolicyIncludeObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeOktaObservation) DeepCopyInto(out *PolicyIncludeOktaObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeOktaObservation. -func (in *PolicyIncludeOktaObservation) DeepCopy() *PolicyIncludeOktaObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireOktaObservation. +func (in *PolicyRequireOktaObservation) DeepCopy() *PolicyRequireOktaObservation { if in == nil { return nil } - out := new(PolicyIncludeOktaObservation) + out := new(PolicyRequireOktaObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeOktaParameters) DeepCopyInto(out *PolicyIncludeOktaParameters) { +func (in *PolicyRequireOktaParameters) DeepCopyInto(out *PolicyRequireOktaParameters) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -3472,18 +8601,18 @@ func (in *PolicyIncludeOktaParameters) DeepCopyInto(out *PolicyIncludeOktaParame } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeOktaParameters. -func (in *PolicyIncludeOktaParameters) DeepCopy() *PolicyIncludeOktaParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireOktaParameters. +func (in *PolicyRequireOktaParameters) DeepCopy() *PolicyRequireOktaParameters { if in == nil { return nil } - out := new(PolicyIncludeOktaParameters) + out := new(PolicyRequireOktaParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { +func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { *out = *in if in.AnyValidServiceToken != nil { in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken @@ -3497,7 +8626,7 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } if in.Azure != nil { in, out := &in.Azure, &out.Azure - *out = make([]PolicyIncludeAzureParameters, len(*in)) + *out = make([]PolicyRequireAzureParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3552,7 +8681,7 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } if in.ExternalEvaluation != nil { in, out := &in.ExternalEvaluation, &out.ExternalEvaluation - *out = make([]PolicyIncludeExternalEvaluationParameters, len(*in)) + *out = make([]PolicyRequireExternalEvaluationParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3570,7 +8699,7 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } if in.Github != nil { in, out := &in.Github, &out.Github - *out = make([]PolicyIncludeGithubParameters, len(*in)) + *out = make([]PolicyRequireGithubParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3588,7 +8717,7 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } if in.Gsuite != nil { in, out := &in.Gsuite, &out.Gsuite - *out = make([]PolicyIncludeGsuiteParameters, len(*in)) + *out = make([]PolicyRequireGsuiteParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3617,14 +8746,14 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } if in.Okta != nil { in, out := &in.Okta, &out.Okta - *out = make([]PolicyIncludeOktaParameters, len(*in)) + *out = make([]PolicyRequireOktaParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.SAML != nil { in, out := &in.SAML, &out.SAML - *out = make([]PolicyIncludeSAMLParameters, len(*in)) + *out = make([]PolicyRequireSAMLParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3642,33 +8771,78 @@ func (in *PolicyIncludeParameters) DeepCopyInto(out *PolicyIncludeParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeParameters. -func (in *PolicyIncludeParameters) DeepCopy() *PolicyIncludeParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireParameters. +func (in *PolicyRequireParameters) DeepCopy() *PolicyRequireParameters { + if in == nil { + return nil + } + out := new(PolicyRequireParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyRequireSAMLInitParameters) DeepCopyInto(out *PolicyRequireSAMLInitParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireSAMLInitParameters. +func (in *PolicyRequireSAMLInitParameters) DeepCopy() *PolicyRequireSAMLInitParameters { if in == nil { return nil } - out := new(PolicyIncludeParameters) + out := new(PolicyRequireSAMLInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeSAMLObservation) DeepCopyInto(out *PolicyIncludeSAMLObservation) { +func (in *PolicyRequireSAMLObservation) DeepCopyInto(out *PolicyRequireSAMLObservation) { *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeSAMLObservation. -func (in *PolicyIncludeSAMLObservation) DeepCopy() *PolicyIncludeSAMLObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireSAMLObservation. +func (in *PolicyRequireSAMLObservation) DeepCopy() *PolicyRequireSAMLObservation { if in == nil { return nil } - out := new(PolicyIncludeSAMLObservation) + out := new(PolicyRequireSAMLObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIncludeSAMLParameters) DeepCopyInto(out *PolicyIncludeSAMLParameters) { +func (in *PolicyRequireSAMLParameters) DeepCopyInto(out *PolicyRequireSAMLParameters) { *out = *in if in.AttributeName != nil { in, out := &in.AttributeName, &out.AttributeName @@ -3687,203 +8861,115 @@ func (in *PolicyIncludeSAMLParameters) DeepCopyInto(out *PolicyIncludeSAMLParame } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIncludeSAMLParameters. -func (in *PolicyIncludeSAMLParameters) DeepCopy() *PolicyIncludeSAMLParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireSAMLParameters. +func (in *PolicyRequireSAMLParameters) DeepCopy() *PolicyRequireSAMLParameters { if in == nil { return nil } - out := new(PolicyIncludeSAMLParameters) + out := new(PolicyRequireSAMLParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyList) DeepCopyInto(out *PolicyList) { +func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Policy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList. -func (in *PolicyList) DeepCopy() *PolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. +func (in *PolicySpec) DeepCopy() *PolicySpec { if in == nil { return nil } - out := new(PolicyList) + out := new(PolicySpec) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation) { +func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyObservation. -func (in *PolicyObservation) DeepCopy() *PolicyObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus. +func (in *PolicyStatus) DeepCopy() *PolicyStatus { if in == nil { return nil } - out := new(PolicyObservation) + out := new(PolicyStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyParameters) DeepCopyInto(out *PolicyParameters) { +func (in *RequireAzureInitParameters) DeepCopyInto(out *RequireAzureInitParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID - *out = new(string) - **out = **in - } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.ApplicationID != nil { - in, out := &in.ApplicationID, &out.ApplicationID - *out = new(string) - **out = **in - } - if in.ApplicationIDRef != nil { - in, out := &in.ApplicationIDRef, &out.ApplicationIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ApplicationIDSelector != nil { - in, out := &in.ApplicationIDSelector, &out.ApplicationIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.ApprovalGroup != nil { - in, out := &in.ApprovalGroup, &out.ApprovalGroup - *out = make([]ApprovalGroupParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ApprovalRequired != nil { - in, out := &in.ApprovalRequired, &out.ApprovalRequired - *out = new(bool) - **out = **in - } - if in.Decision != nil { - in, out := &in.Decision, &out.Decision - *out = new(string) - **out = **in - } - if in.Exclude != nil { - in, out := &in.Exclude, &out.Exclude - *out = make([]PolicyExcludeParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Include != nil { - in, out := &in.Include, &out.Include - *out = make([]PolicyIncludeParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Name != nil { - in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.Precedence != nil { - in, out := &in.Precedence, &out.Precedence - *out = new(float64) - **out = **in - } - if in.PurposeJustificationPrompt != nil { - in, out := &in.PurposeJustificationPrompt, &out.PurposeJustificationPrompt - *out = new(string) - **out = **in - } - if in.PurposeJustificationRequired != nil { - in, out := &in.PurposeJustificationRequired, &out.PurposeJustificationRequired - *out = new(bool) - **out = **in - } - if in.Require != nil { - in, out := &in.Require, &out.Require - *out = make([]PolicyRequireParameters, len(*in)) + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyParameters. -func (in *PolicyParameters) DeepCopy() *PolicyParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireAzureInitParameters. +func (in *RequireAzureInitParameters) DeepCopy() *RequireAzureInitParameters { if in == nil { return nil } - out := new(PolicyParameters) + out := new(RequireAzureInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireAzureObservation) DeepCopyInto(out *PolicyRequireAzureObservation) { +func (in *RequireAzureObservation) DeepCopyInto(out *RequireAzureObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireAzureObservation. -func (in *PolicyRequireAzureObservation) DeepCopy() *PolicyRequireAzureObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireAzureObservation. +func (in *RequireAzureObservation) DeepCopy() *RequireAzureObservation { if in == nil { return nil } - out := new(PolicyRequireAzureObservation) + out := new(RequireAzureObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireAzureParameters) DeepCopyInto(out *PolicyRequireAzureParameters) { +func (in *RequireAzureParameters) DeepCopyInto(out *RequireAzureParameters) { *out = *in if in.ID != nil { in, out := &in.ID, &out.ID @@ -3903,33 +8989,68 @@ func (in *PolicyRequireAzureParameters) DeepCopyInto(out *PolicyRequireAzurePara } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireAzureParameters. -func (in *PolicyRequireAzureParameters) DeepCopy() *PolicyRequireAzureParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireAzureParameters. +func (in *RequireAzureParameters) DeepCopy() *RequireAzureParameters { if in == nil { return nil } - out := new(PolicyRequireAzureParameters) + out := new(RequireAzureParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireExternalEvaluationObservation) DeepCopyInto(out *PolicyRequireExternalEvaluationObservation) { +func (in *RequireExternalEvaluationInitParameters) DeepCopyInto(out *RequireExternalEvaluationInitParameters) { *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireExternalEvaluationInitParameters. +func (in *RequireExternalEvaluationInitParameters) DeepCopy() *RequireExternalEvaluationInitParameters { + if in == nil { + return nil + } + out := new(RequireExternalEvaluationInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequireExternalEvaluationObservation) DeepCopyInto(out *RequireExternalEvaluationObservation) { + *out = *in + if in.EvaluateURL != nil { + in, out := &in.EvaluateURL, &out.EvaluateURL + *out = new(string) + **out = **in + } + if in.KeysURL != nil { + in, out := &in.KeysURL, &out.KeysURL + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireExternalEvaluationObservation. -func (in *PolicyRequireExternalEvaluationObservation) DeepCopy() *PolicyRequireExternalEvaluationObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireExternalEvaluationObservation. +func (in *RequireExternalEvaluationObservation) DeepCopy() *RequireExternalEvaluationObservation { if in == nil { return nil } - out := new(PolicyRequireExternalEvaluationObservation) + out := new(RequireExternalEvaluationObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireExternalEvaluationParameters) DeepCopyInto(out *PolicyRequireExternalEvaluationParameters) { +func (in *RequireExternalEvaluationParameters) DeepCopyInto(out *RequireExternalEvaluationParameters) { *out = *in if in.EvaluateURL != nil { in, out := &in.EvaluateURL, &out.EvaluateURL @@ -3943,33 +9064,54 @@ func (in *PolicyRequireExternalEvaluationParameters) DeepCopyInto(out *PolicyReq } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireExternalEvaluationParameters. -func (in *PolicyRequireExternalEvaluationParameters) DeepCopy() *PolicyRequireExternalEvaluationParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireExternalEvaluationParameters. +func (in *RequireExternalEvaluationParameters) DeepCopy() *RequireExternalEvaluationParameters { if in == nil { return nil } - out := new(PolicyRequireExternalEvaluationParameters) + out := new(RequireExternalEvaluationParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireGithubObservation) DeepCopyInto(out *PolicyRequireGithubObservation) { +func (in *RequireGithubInitParameters) DeepCopyInto(out *RequireGithubInitParameters) { *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGithubObservation. -func (in *PolicyRequireGithubObservation) DeepCopy() *PolicyRequireGithubObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGithubInitParameters. +func (in *RequireGithubInitParameters) DeepCopy() *RequireGithubInitParameters { if in == nil { return nil } - out := new(PolicyRequireGithubObservation) + out := new(RequireGithubInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireGithubParameters) DeepCopyInto(out *PolicyRequireGithubParameters) { +func (in *RequireGithubObservation) DeepCopyInto(out *RequireGithubObservation) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -3994,33 +9136,54 @@ func (in *PolicyRequireGithubParameters) DeepCopyInto(out *PolicyRequireGithubPa } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGithubParameters. -func (in *PolicyRequireGithubParameters) DeepCopy() *PolicyRequireGithubParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGithubObservation. +func (in *RequireGithubObservation) DeepCopy() *RequireGithubObservation { if in == nil { return nil } - out := new(PolicyRequireGithubParameters) + out := new(RequireGithubObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireGsuiteObservation) DeepCopyInto(out *PolicyRequireGsuiteObservation) { +func (in *RequireGithubParameters) DeepCopyInto(out *RequireGithubParameters) { *out = *in + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Teams != nil { + in, out := &in.Teams, &out.Teams + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGsuiteObservation. -func (in *PolicyRequireGsuiteObservation) DeepCopy() *PolicyRequireGsuiteObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGithubParameters. +func (in *RequireGithubParameters) DeepCopy() *RequireGithubParameters { if in == nil { return nil } - out := new(PolicyRequireGsuiteObservation) + out := new(RequireGithubParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireGsuiteParameters) DeepCopyInto(out *PolicyRequireGsuiteParameters) { +func (in *RequireGsuiteInitParameters) DeepCopyInto(out *RequireGsuiteInitParameters) { *out = *in if in.Email != nil { in, out := &in.Email, &out.Email @@ -4040,56 +9203,52 @@ func (in *PolicyRequireGsuiteParameters) DeepCopyInto(out *PolicyRequireGsuitePa } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireGsuiteParameters. -func (in *PolicyRequireGsuiteParameters) DeepCopy() *PolicyRequireGsuiteParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGsuiteInitParameters. +func (in *RequireGsuiteInitParameters) DeepCopy() *RequireGsuiteInitParameters { if in == nil { return nil } - out := new(PolicyRequireGsuiteParameters) + out := new(RequireGsuiteInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireObservation) DeepCopyInto(out *PolicyRequireObservation) { +func (in *RequireGsuiteObservation) DeepCopyInto(out *RequireGsuiteObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireObservation. -func (in *PolicyRequireObservation) DeepCopy() *PolicyRequireObservation { - if in == nil { - return nil + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - out := new(PolicyRequireObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireOktaObservation) DeepCopyInto(out *PolicyRequireOktaObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireOktaObservation. -func (in *PolicyRequireOktaObservation) DeepCopy() *PolicyRequireOktaObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGsuiteObservation. +func (in *RequireGsuiteObservation) DeepCopy() *RequireGsuiteObservation { if in == nil { return nil } - out := new(PolicyRequireOktaObservation) + out := new(RequireGsuiteObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireOktaParameters) DeepCopyInto(out *PolicyRequireOktaParameters) { +func (in *RequireGsuiteParameters) DeepCopyInto(out *RequireGsuiteParameters) { *out = *in - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in - } - if in.Name != nil { - in, out := &in.Name, &out.Name + if in.Email != nil { + in, out := &in.Email, &out.Email *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -4099,20 +9258,25 @@ func (in *PolicyRequireOktaParameters) DeepCopyInto(out *PolicyRequireOktaParame } } } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireOktaParameters. -func (in *PolicyRequireOktaParameters) DeepCopy() *PolicyRequireOktaParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGsuiteParameters. +func (in *RequireGsuiteParameters) DeepCopy() *RequireGsuiteParameters { if in == nil { return nil } - out := new(PolicyRequireOktaParameters) + out := new(RequireGsuiteParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { +func (in *RequireInitParameters) DeepCopyInto(out *RequireInitParameters) { *out = *in if in.AnyValidServiceToken != nil { in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken @@ -4126,7 +9290,7 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } if in.Azure != nil { in, out := &in.Azure, &out.Azure - *out = make([]PolicyRequireAzureParameters, len(*in)) + *out = make([]RequireAzureInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4181,7 +9345,7 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } if in.ExternalEvaluation != nil { in, out := &in.ExternalEvaluation, &out.ExternalEvaluation - *out = make([]PolicyRequireExternalEvaluationParameters, len(*in)) + *out = make([]RequireExternalEvaluationInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4199,7 +9363,7 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } if in.Github != nil { in, out := &in.Github, &out.Github - *out = make([]PolicyRequireGithubParameters, len(*in)) + *out = make([]RequireGithubInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4217,7 +9381,7 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } if in.Gsuite != nil { in, out := &in.Gsuite, &out.Gsuite - *out = make([]PolicyRequireGsuiteParameters, len(*in)) + *out = make([]RequireGsuiteInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4246,14 +9410,14 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } if in.Okta != nil { in, out := &in.Okta, &out.Okta - *out = make([]PolicyRequireOktaParameters, len(*in)) + *out = make([]RequireOktaInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.SAML != nil { in, out := &in.SAML, &out.SAML - *out = make([]PolicyRequireSAMLParameters, len(*in)) + *out = make([]RequireSAMLInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4271,115 +9435,70 @@ func (in *PolicyRequireParameters) DeepCopyInto(out *PolicyRequireParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireParameters. -func (in *PolicyRequireParameters) DeepCopy() *PolicyRequireParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireInitParameters. +func (in *RequireInitParameters) DeepCopy() *RequireInitParameters { if in == nil { return nil } - out := new(PolicyRequireParameters) + out := new(RequireInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireSAMLObservation) DeepCopyInto(out *PolicyRequireSAMLObservation) { +func (in *RequireObservation) DeepCopyInto(out *RequireObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireSAMLObservation. -func (in *PolicyRequireSAMLObservation) DeepCopy() *PolicyRequireSAMLObservation { - if in == nil { - return nil + if in.AnyValidServiceToken != nil { + in, out := &in.AnyValidServiceToken, &out.AnyValidServiceToken + *out = new(bool) + **out = **in } - out := new(PolicyRequireSAMLObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRequireSAMLParameters) DeepCopyInto(out *PolicyRequireSAMLParameters) { - *out = *in - if in.AttributeName != nil { - in, out := &in.AttributeName, &out.AttributeName + if in.AuthMethod != nil { + in, out := &in.AuthMethod, &out.AuthMethod *out = new(string) **out = **in } - if in.AttributeValue != nil { - in, out := &in.AttributeValue, &out.AttributeValue - *out = new(string) + if in.Azure != nil { + in, out := &in.Azure, &out.Azure + *out = make([]RequireAzureObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(bool) **out = **in } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID + if in.CommonName != nil { + in, out := &in.CommonName, &out.CommonName *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRequireSAMLParameters. -func (in *PolicyRequireSAMLParameters) DeepCopy() *PolicyRequireSAMLParameters { - if in == nil { - return nil - } - out := new(PolicyRequireSAMLParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. -func (in *PolicySpec) DeepCopy() *PolicySpec { - if in == nil { - return nil - } - out := new(PolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus. -func (in *PolicyStatus) DeepCopy() *PolicyStatus { - if in == nil { - return nil + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - out := new(PolicyStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireAzureObservation) DeepCopyInto(out *RequireAzureObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireAzureObservation. -func (in *RequireAzureObservation) DeepCopy() *RequireAzureObservation { - if in == nil { - return nil + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - out := new(RequireAzureObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireAzureParameters) DeepCopyInto(out *RequireAzureParameters) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.EmailDomain != nil { + in, out := &in.EmailDomain, &out.EmailDomain *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -4389,80 +9508,115 @@ func (in *RequireAzureParameters) DeepCopyInto(out *RequireAzureParameters) { } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) + if in.Everyone != nil { + in, out := &in.Everyone, &out.Everyone + *out = new(bool) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireAzureParameters. -func (in *RequireAzureParameters) DeepCopy() *RequireAzureParameters { - if in == nil { - return nil + if in.ExternalEvaluation != nil { + in, out := &in.ExternalEvaluation, &out.ExternalEvaluation + *out = make([]RequireExternalEvaluationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(RequireAzureParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireExternalEvaluationObservation) DeepCopyInto(out *RequireExternalEvaluationObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireExternalEvaluationObservation. -func (in *RequireExternalEvaluationObservation) DeepCopy() *RequireExternalEvaluationObservation { - if in == nil { - return nil + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - out := new(RequireExternalEvaluationObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireExternalEvaluationParameters) DeepCopyInto(out *RequireExternalEvaluationParameters) { - *out = *in - if in.EvaluateURL != nil { - in, out := &in.EvaluateURL, &out.EvaluateURL - *out = new(string) - **out = **in + if in.Github != nil { + in, out := &in.Github, &out.Github + *out = make([]RequireGithubObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.KeysURL != nil { - in, out := &in.KeysURL, &out.KeysURL - *out = new(string) - **out = **in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireExternalEvaluationParameters. -func (in *RequireExternalEvaluationParameters) DeepCopy() *RequireExternalEvaluationParameters { - if in == nil { - return nil + if in.Gsuite != nil { + in, out := &in.Gsuite, &out.Gsuite + *out = make([]RequireGsuiteObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LoginMethod != nil { + in, out := &in.LoginMethod, &out.LoginMethod + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Okta != nil { + in, out := &in.Okta, &out.Okta + *out = make([]RequireOktaObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SAML != nil { + in, out := &in.SAML, &out.SAML + *out = make([]RequireSAMLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceToken != nil { + in, out := &in.ServiceToken, &out.ServiceToken + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - out := new(RequireExternalEvaluationParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireGithubObservation) DeepCopyInto(out *RequireGithubObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGithubObservation. -func (in *RequireGithubObservation) DeepCopy() *RequireGithubObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireObservation. +func (in *RequireObservation) DeepCopy() *RequireObservation { if in == nil { return nil } - out := new(RequireGithubObservation) + out := new(RequireObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireGithubParameters) DeepCopyInto(out *RequireGithubParameters) { +func (in *RequireOktaInitParameters) DeepCopyInto(out *RequireOktaInitParameters) { *out = *in if in.IdentityProviderID != nil { in, out := &in.IdentityProviderID, &out.IdentityProviderID @@ -4471,11 +9625,6 @@ func (in *RequireGithubParameters) DeepCopyInto(out *RequireGithubParameters) { } if in.Name != nil { in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.Teams != nil { - in, out := &in.Teams, &out.Teams *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -4487,36 +9636,26 @@ func (in *RequireGithubParameters) DeepCopyInto(out *RequireGithubParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGithubParameters. -func (in *RequireGithubParameters) DeepCopy() *RequireGithubParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireOktaInitParameters. +func (in *RequireOktaInitParameters) DeepCopy() *RequireOktaInitParameters { if in == nil { return nil } - out := new(RequireGithubParameters) + out := new(RequireOktaInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireGsuiteObservation) DeepCopyInto(out *RequireGsuiteObservation) { +func (in *RequireOktaObservation) DeepCopyInto(out *RequireOktaObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGsuiteObservation. -func (in *RequireGsuiteObservation) DeepCopy() *RequireGsuiteObservation { - if in == nil { - return nil + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in } - out := new(RequireGsuiteObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireGsuiteParameters) DeepCopyInto(out *RequireGsuiteParameters) { - *out = *in - if in.Email != nil { - in, out := &in.Email, &out.Email + if in.Name != nil { + in, out := &in.Name, &out.Name *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -4526,41 +9665,6 @@ func (in *RequireGsuiteParameters) DeepCopyInto(out *RequireGsuiteParameters) { } } } - if in.IdentityProviderID != nil { - in, out := &in.IdentityProviderID, &out.IdentityProviderID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireGsuiteParameters. -func (in *RequireGsuiteParameters) DeepCopy() *RequireGsuiteParameters { - if in == nil { - return nil - } - out := new(RequireGsuiteParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireObservation) DeepCopyInto(out *RequireObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireObservation. -func (in *RequireObservation) DeepCopy() *RequireObservation { - if in == nil { - return nil - } - out := new(RequireObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequireOktaObservation) DeepCopyInto(out *RequireOktaObservation) { - *out = *in } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireOktaObservation. @@ -4764,12 +9868,42 @@ func (in *RequireParameters) DeepCopyInto(out *RequireParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireParameters. -func (in *RequireParameters) DeepCopy() *RequireParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireParameters. +func (in *RequireParameters) DeepCopy() *RequireParameters { + if in == nil { + return nil + } + out := new(RequireParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequireSAMLInitParameters) DeepCopyInto(out *RequireSAMLInitParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireSAMLInitParameters. +func (in *RequireSAMLInitParameters) DeepCopy() *RequireSAMLInitParameters { if in == nil { return nil } - out := new(RequireParameters) + out := new(RequireSAMLInitParameters) in.DeepCopyInto(out) return out } @@ -4777,6 +9911,21 @@ func (in *RequireParameters) DeepCopy() *RequireParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RequireSAMLObservation) DeepCopyInto(out *RequireSAMLObservation) { *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequireSAMLObservation. @@ -4846,6 +9995,68 @@ func (in *Rule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Configuration != nil { + in, out := &in.Configuration, &out.Configuration + *out = make([]ConfigurationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Notes != nil { + in, out := &in.Notes, &out.Notes + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -4881,11 +10092,38 @@ func (in *RuleList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Configuration != nil { + in, out := &in.Configuration, &out.Configuration + *out = make([]ConfigurationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Notes != nil { + in, out := &in.Notes, &out.Notes + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleObservation. @@ -4965,6 +10203,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. @@ -4994,9 +10233,54 @@ func (in *RuleStatus) DeepCopy() *RuleStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SAMLInitParameters) DeepCopyInto(out *SAMLInitParameters) { + *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLInitParameters. +func (in *SAMLInitParameters) DeepCopy() *SAMLInitParameters { + if in == nil { + return nil + } + out := new(SAMLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SAMLObservation) DeepCopyInto(out *SAMLObservation) { *out = *in + if in.AttributeName != nil { + in, out := &in.AttributeName, &out.AttributeName + *out = new(string) + **out = **in + } + if in.AttributeValue != nil { + in, out := &in.AttributeValue, &out.AttributeValue + *out = new(string) + **out = **in + } + if in.IdentityProviderID != nil { + in, out := &in.IdentityProviderID, &out.IdentityProviderID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLObservation. @@ -5039,9 +10323,54 @@ func (in *SAMLParameters) DeepCopy() *SAMLParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SaasAppInitParameters) DeepCopyInto(out *SaasAppInitParameters) { + *out = *in + if in.ConsumerServiceURL != nil { + in, out := &in.ConsumerServiceURL, &out.ConsumerServiceURL + *out = new(string) + **out = **in + } + if in.NameIDFormat != nil { + in, out := &in.NameIDFormat, &out.NameIDFormat + *out = new(string) + **out = **in + } + if in.SpEntityID != nil { + in, out := &in.SpEntityID, &out.SpEntityID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SaasAppInitParameters. +func (in *SaasAppInitParameters) DeepCopy() *SaasAppInitParameters { + if in == nil { + return nil + } + out := new(SaasAppInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SaasAppObservation) DeepCopyInto(out *SaasAppObservation) { *out = *in + if in.ConsumerServiceURL != nil { + in, out := &in.ConsumerServiceURL, &out.ConsumerServiceURL + *out = new(string) + **out = **in + } + if in.NameIDFormat != nil { + in, out := &in.NameIDFormat, &out.NameIDFormat + *out = new(string) + **out = **in + } + if in.SpEntityID != nil { + in, out := &in.SpEntityID, &out.SpEntityID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SaasAppObservation. @@ -5111,6 +10440,61 @@ func (in *ServiceToken) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceTokenInitParameters) DeepCopyInto(out *ServiceTokenInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.MinDaysForRenewal != nil { + in, out := &in.MinDaysForRenewal, &out.MinDaysForRenewal + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceTokenInitParameters. +func (in *ServiceTokenInitParameters) DeepCopy() *ServiceTokenInitParameters { + if in == nil { + return nil + } + out := new(ServiceTokenInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceTokenList) DeepCopyInto(out *ServiceTokenList) { *out = *in @@ -5146,6 +10530,11 @@ func (in *ServiceTokenList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceTokenObservation) DeepCopyInto(out *ServiceTokenObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ClientID != nil { in, out := &in.ClientID, &out.ClientID *out = new(string) @@ -5161,6 +10550,21 @@ func (in *ServiceTokenObservation) DeepCopyInto(out *ServiceTokenObservation) { *out = new(string) **out = **in } + if in.MinDaysForRenewal != nil { + in, out := &in.MinDaysForRenewal, &out.MinDaysForRenewal + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceTokenObservation. @@ -5233,6 +10637,7 @@ func (in *ServiceTokenSpec) DeepCopyInto(out *ServiceTokenSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceTokenSpec. diff --git a/apis/access/v1alpha1/zz_generated.managed.go b/apis/access/v1alpha1/zz_generated.managed.go index a9b96c8..35c108a 100644 --- a/apis/access/v1alpha1/zz_generated.managed.go +++ b/apis/access/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Application) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Application. +func (mg *Application) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Application. func (mg *Application) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Application. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Application) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Application. func (mg *Application) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Application) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Application. +func (mg *Application) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Application. func (mg *Application) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Application. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Application) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Application. func (mg *Application) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Bookmark) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Bookmark. +func (mg *Bookmark) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Bookmark. func (mg *Bookmark) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Bookmark. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Bookmark) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Bookmark. func (mg *Bookmark) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Bookmark) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Bookmark. +func (mg *Bookmark) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Bookmark. func (mg *Bookmark) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Bookmark. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Bookmark) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Bookmark. func (mg *Bookmark) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *CACertificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this CACertificate. +func (mg *CACertificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this CACertificate. func (mg *CACertificate) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this CACertificate. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *CACertificate) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this CACertificate. func (mg *CACertificate) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *CACertificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this CACertificate. +func (mg *CACertificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this CACertificate. func (mg *CACertificate) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this CACertificate. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *CACertificate) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this CACertificate. func (mg *CACertificate) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *Group) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Group. +func (mg *Group) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Group. func (mg *Group) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Group. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Group) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Group. func (mg *Group) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *Group) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Group. +func (mg *Group) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Group. func (mg *Group) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Group. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Group) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Group. func (mg *Group) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *IdentityProvider) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this IdentityProvider. +func (mg *IdentityProvider) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this IdentityProvider. func (mg *IdentityProvider) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this IdentityProvider. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *IdentityProvider) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this IdentityProvider. func (mg *IdentityProvider) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *IdentityProvider) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this IdentityProvider. +func (mg *IdentityProvider) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this IdentityProvider. func (mg *IdentityProvider) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this IdentityProvider. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *IdentityProvider) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this IdentityProvider. func (mg *IdentityProvider) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -347,19 +317,16 @@ func (mg *KeysConfiguration) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this KeysConfiguration. +func (mg *KeysConfiguration) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this KeysConfiguration. func (mg *KeysConfiguration) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this KeysConfiguration. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *KeysConfiguration) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this KeysConfiguration. func (mg *KeysConfiguration) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -380,19 +347,16 @@ func (mg *KeysConfiguration) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this KeysConfiguration. +func (mg *KeysConfiguration) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this KeysConfiguration. func (mg *KeysConfiguration) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this KeysConfiguration. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *KeysConfiguration) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this KeysConfiguration. func (mg *KeysConfiguration) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -413,19 +377,16 @@ func (mg *MutualTLSCertificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this MutualTLSCertificate. +func (mg *MutualTLSCertificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this MutualTLSCertificate. func (mg *MutualTLSCertificate) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this MutualTLSCertificate. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *MutualTLSCertificate) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this MutualTLSCertificate. func (mg *MutualTLSCertificate) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -446,19 +407,16 @@ func (mg *MutualTLSCertificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this MutualTLSCertificate. +func (mg *MutualTLSCertificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this MutualTLSCertificate. func (mg *MutualTLSCertificate) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this MutualTLSCertificate. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *MutualTLSCertificate) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this MutualTLSCertificate. func (mg *MutualTLSCertificate) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -479,19 +437,16 @@ func (mg *Organization) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Organization. +func (mg *Organization) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Organization. func (mg *Organization) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Organization. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Organization) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Organization. func (mg *Organization) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -512,19 +467,16 @@ func (mg *Organization) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Organization. +func (mg *Organization) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Organization. func (mg *Organization) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Organization. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Organization) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Organization. func (mg *Organization) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -545,19 +497,16 @@ func (mg *Policy) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Policy. +func (mg *Policy) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Policy. func (mg *Policy) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Policy. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Policy) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Policy. func (mg *Policy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -578,19 +527,16 @@ func (mg *Policy) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Policy. +func (mg *Policy) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Policy. func (mg *Policy) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Policy. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Policy) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Policy. func (mg *Policy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -611,19 +557,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -644,19 +587,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -677,19 +617,16 @@ func (mg *ServiceToken) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this ServiceToken. +func (mg *ServiceToken) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this ServiceToken. func (mg *ServiceToken) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this ServiceToken. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *ServiceToken) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this ServiceToken. func (mg *ServiceToken) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -710,19 +647,16 @@ func (mg *ServiceToken) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this ServiceToken. +func (mg *ServiceToken) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this ServiceToken. func (mg *ServiceToken) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this ServiceToken. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *ServiceToken) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this ServiceToken. func (mg *ServiceToken) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/access/v1alpha1/zz_generated.resolvers.go b/apis/access/v1alpha1/zz_generated.resolvers.go index 40a0f41..3fd0869 100644 --- a/apis/access/v1alpha1/zz_generated.resolvers.go +++ b/apis/access/v1alpha1/zz_generated.resolvers.go @@ -53,6 +53,38 @@ func (mg *Application) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -95,6 +127,38 @@ func (mg *Bookmark) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -153,6 +217,54 @@ func (mg *CACertificate) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ApplicationID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ApplicationIDRef, + Selector: mg.Spec.InitProvider.ApplicationIDSelector, + To: reference.To{ + List: &ApplicationList{}, + Managed: &Application{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ApplicationID") + } + mg.Spec.InitProvider.ApplicationID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ApplicationIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -195,6 +307,38 @@ func (mg *Group) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -237,6 +381,38 @@ func (mg *IdentityProvider) ResolveReferences(ctx context.Context, c client.Read mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -263,6 +439,22 @@ func (mg *KeysConfiguration) ResolveReferences(ctx context.Context, c client.Rea mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -305,6 +497,38 @@ func (mg *MutualTLSCertificate) ResolveReferences(ctx context.Context, c client. mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -347,6 +571,38 @@ func (mg *Organization) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -405,6 +661,54 @@ func (mg *Policy) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ApplicationID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ApplicationIDRef, + Selector: mg.Spec.InitProvider.ApplicationIDSelector, + To: reference.To{ + List: &ApplicationList{}, + Managed: &Application{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ApplicationID") + } + mg.Spec.InitProvider.ApplicationID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ApplicationIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -447,6 +751,38 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -489,5 +825,37 @@ func (mg *ServiceToken) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/access/v1alpha1/zz_generated_terraformed.go b/apis/access/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index b8b22a8..0000000 --- a/apis/access/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,848 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Application -func (mg *Application) GetTerraformResourceType() string { - return "cloudflare_access_application" -} - -// GetConnectionDetailsMapping for this Application -func (tr *Application) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Application -func (tr *Application) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Application -func (tr *Application) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Application -func (tr *Application) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Application -func (tr *Application) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Application -func (tr *Application) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Application using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Application) LateInitialize(attrs []byte) (bool, error) { - params := &ApplicationParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Application) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Bookmark -func (mg *Bookmark) GetTerraformResourceType() string { - return "cloudflare_access_bookmark" -} - -// GetConnectionDetailsMapping for this Bookmark -func (tr *Bookmark) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Bookmark -func (tr *Bookmark) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Bookmark -func (tr *Bookmark) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Bookmark -func (tr *Bookmark) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Bookmark -func (tr *Bookmark) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Bookmark -func (tr *Bookmark) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Bookmark using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Bookmark) LateInitialize(attrs []byte) (bool, error) { - params := &BookmarkParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Bookmark) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this CACertificate -func (mg *CACertificate) GetTerraformResourceType() string { - return "cloudflare_access_ca_certificate" -} - -// GetConnectionDetailsMapping for this CACertificate -func (tr *CACertificate) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this CACertificate -func (tr *CACertificate) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this CACertificate -func (tr *CACertificate) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this CACertificate -func (tr *CACertificate) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this CACertificate -func (tr *CACertificate) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this CACertificate -func (tr *CACertificate) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this CACertificate using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *CACertificate) LateInitialize(attrs []byte) (bool, error) { - params := &CACertificateParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *CACertificate) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Group -func (mg *Group) GetTerraformResourceType() string { - return "cloudflare_access_group" -} - -// GetConnectionDetailsMapping for this Group -func (tr *Group) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Group -func (tr *Group) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Group -func (tr *Group) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Group -func (tr *Group) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Group -func (tr *Group) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Group -func (tr *Group) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Group using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Group) LateInitialize(attrs []byte) (bool, error) { - params := &GroupParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Group) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this IdentityProvider -func (mg *IdentityProvider) GetTerraformResourceType() string { - return "cloudflare_access_identity_provider" -} - -// GetConnectionDetailsMapping for this IdentityProvider -func (tr *IdentityProvider) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this IdentityProvider -func (tr *IdentityProvider) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this IdentityProvider -func (tr *IdentityProvider) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this IdentityProvider -func (tr *IdentityProvider) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this IdentityProvider -func (tr *IdentityProvider) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this IdentityProvider -func (tr *IdentityProvider) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this IdentityProvider using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *IdentityProvider) LateInitialize(attrs []byte) (bool, error) { - params := &IdentityProviderParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *IdentityProvider) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this KeysConfiguration -func (mg *KeysConfiguration) GetTerraformResourceType() string { - return "cloudflare_access_keys_configuration" -} - -// GetConnectionDetailsMapping for this KeysConfiguration -func (tr *KeysConfiguration) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this KeysConfiguration -func (tr *KeysConfiguration) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this KeysConfiguration -func (tr *KeysConfiguration) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this KeysConfiguration -func (tr *KeysConfiguration) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this KeysConfiguration -func (tr *KeysConfiguration) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this KeysConfiguration -func (tr *KeysConfiguration) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this KeysConfiguration using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *KeysConfiguration) LateInitialize(attrs []byte) (bool, error) { - params := &KeysConfigurationParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *KeysConfiguration) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this MutualTLSCertificate -func (mg *MutualTLSCertificate) GetTerraformResourceType() string { - return "cloudflare_access_mutual_tls_certificate" -} - -// GetConnectionDetailsMapping for this MutualTLSCertificate -func (tr *MutualTLSCertificate) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this MutualTLSCertificate -func (tr *MutualTLSCertificate) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this MutualTLSCertificate -func (tr *MutualTLSCertificate) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this MutualTLSCertificate -func (tr *MutualTLSCertificate) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this MutualTLSCertificate -func (tr *MutualTLSCertificate) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this MutualTLSCertificate -func (tr *MutualTLSCertificate) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this MutualTLSCertificate using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *MutualTLSCertificate) LateInitialize(attrs []byte) (bool, error) { - params := &MutualTLSCertificateParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *MutualTLSCertificate) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Organization -func (mg *Organization) GetTerraformResourceType() string { - return "cloudflare_access_organization" -} - -// GetConnectionDetailsMapping for this Organization -func (tr *Organization) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Organization -func (tr *Organization) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Organization -func (tr *Organization) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Organization -func (tr *Organization) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Organization -func (tr *Organization) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Organization -func (tr *Organization) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Organization using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Organization) LateInitialize(attrs []byte) (bool, error) { - params := &OrganizationParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Organization) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Policy -func (mg *Policy) GetTerraformResourceType() string { - return "cloudflare_access_policy" -} - -// GetConnectionDetailsMapping for this Policy -func (tr *Policy) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Policy -func (tr *Policy) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Policy -func (tr *Policy) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Policy -func (tr *Policy) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Policy -func (tr *Policy) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Policy -func (tr *Policy) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Policy using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Policy) LateInitialize(attrs []byte) (bool, error) { - params := &PolicyParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Policy) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Rule -func (mg *Rule) GetTerraformResourceType() string { - return "cloudflare_access_rule" -} - -// GetConnectionDetailsMapping for this Rule -func (tr *Rule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Rule -func (tr *Rule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Rule -func (tr *Rule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Rule -func (tr *Rule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Rule -func (tr *Rule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Rule -func (tr *Rule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Rule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { - params := &RuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Rule) GetTerraformSchemaVersion() int { - return 1 -} - -// GetTerraformResourceType returns Terraform resource type for this ServiceToken -func (mg *ServiceToken) GetTerraformResourceType() string { - return "cloudflare_access_service_token" -} - -// GetConnectionDetailsMapping for this ServiceToken -func (tr *ServiceToken) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"client_secret": "status.atProvider.clientSecret"} -} - -// GetObservation of this ServiceToken -func (tr *ServiceToken) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this ServiceToken -func (tr *ServiceToken) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this ServiceToken -func (tr *ServiceToken) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this ServiceToken -func (tr *ServiceToken) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this ServiceToken -func (tr *ServiceToken) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this ServiceToken using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *ServiceToken) LateInitialize(attrs []byte) (bool, error) { - params := &ServiceTokenParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - opts = append(opts, resource.WithNameFilter("AccountID")) - opts = append(opts, resource.WithNameFilter("ZoneID")) - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *ServiceToken) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/access/v1alpha1/zz_group_terraformed.go b/apis/access/v1alpha1/zz_group_terraformed.go new file mode 100755 index 0000000..2922b9b --- /dev/null +++ b/apis/access/v1alpha1/zz_group_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Group +func (mg *Group) GetTerraformResourceType() string { + return "cloudflare_access_group" +} + +// GetConnectionDetailsMapping for this Group +func (tr *Group) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Group +func (tr *Group) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Group +func (tr *Group) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Group +func (tr *Group) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Group +func (tr *Group) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Group +func (tr *Group) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Group +func (tr *Group) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Group +func (tr *Group) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Group using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Group) LateInitialize(attrs []byte) (bool, error) { + params := &GroupParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Group) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_group_types.go b/apis/access/v1alpha1/zz_group_types.go index 441fee1..9e984e4 100755 --- a/apis/access/v1alpha1/zz_group_types.go +++ b/apis/access/v1alpha1/zz_group_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,114 +17,372 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type AzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type AzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type ExcludeInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []AzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []ExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []GithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []GsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []OktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []SAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + type ExcludeObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []AzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []ExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []GithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []GsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []OktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []SAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } type ExcludeParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []AzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []ExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []GithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []GsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []OktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []SAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type ExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type ExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type ExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type GithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type GithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type GithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type GroupInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block List) (see below for nested schema) + Exclude []ExcludeInitParameters `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (Block List, Min: 1) (see below for nested schema) + Include []IncludeInitParameters `json:"include,omitempty" tf:"include,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List) (see below for nested schema) + Require []RequireInitParameters `json:"require,omitempty" tf:"require,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type GroupObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block List) (see below for nested schema) + Exclude []ExcludeObservation `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block List, Min: 1) (see below for nested schema) + Include []IncludeObservation `json:"include,omitempty" tf:"include,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List) (see below for nested schema) + Require []RequireObservation `json:"require,omitempty" tf:"require,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type GroupParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -134,18 +396,23 @@ type GroupParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Exclude []ExcludeParameters `json:"exclude,omitempty" tf:"exclude,omitempty"` - // +kubebuilder:validation:Required - Include []IncludeParameters `json:"include" tf:"include,omitempty"` + // (Block List, Min: 1) (see below for nested schema) + // +kubebuilder:validation:Optional + Include []IncludeParameters `json:"include,omitempty" tf:"include,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // (String) + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Require []RequireParameters `json:"require,omitempty" tf:"require,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -160,323 +427,885 @@ type GroupParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type GsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type GsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type GsuiteParameters struct { + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type IncludeAzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type IncludeAzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type IncludeAzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type IncludeExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type IncludeExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type IncludeExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type IncludeGithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type IncludeGithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type IncludeGithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type IncludeGsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type IncludeGsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type IncludeGsuiteParameters struct { + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type IncludeInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []IncludeAzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []IncludeExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []IncludeGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []IncludeGsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []IncludeOktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []IncludeSAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + type IncludeObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []IncludeAzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []IncludeExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []IncludeGithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []IncludeGsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []IncludeOktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []IncludeSAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + +type IncludeOktaInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type IncludeOktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type IncludeOktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type IncludeParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []IncludeAzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []IncludeExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []IncludeGithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []IncludeGsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []IncludeOktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []IncludeSAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type IncludeSAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type IncludeSAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type IncludeSAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type OktaInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` +} + type OktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type OktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } +type RequireAzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type RequireAzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type RequireAzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type RequireExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type RequireExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type RequireExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type RequireGithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type RequireGithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type RequireGithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type RequireGsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type RequireGsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type RequireGsuiteParameters struct { + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type RequireInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []RequireAzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []RequireExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []RequireGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []RequireGsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []RequireOktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []RequireSAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + type RequireObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []RequireAzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []RequireExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []RequireGithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []RequireGsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []RequireOktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []RequireSAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + +type RequireOktaInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type RequireOktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type RequireOktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type RequireParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []RequireAzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []RequireExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []RequireGithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []RequireGsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []RequireOktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []RequireSAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type RequireSAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type RequireSAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type RequireSAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type SAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type SAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type SAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } @@ -485,6 +1314,17 @@ type SAMLParameters struct { type GroupSpec struct { v1.ResourceSpec `json:",inline"` ForProvider GroupParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider GroupInitParameters `json:"initProvider,omitempty"` } // GroupStatus defines the observed state of Group. @@ -494,19 +1334,22 @@ type GroupStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Group is the Schema for the Groups API. +// Group is the Schema for the Groups API. Provides a Cloudflare Access Group resource. Access Groups are used in conjunction with Access Policies to restrict access to a particular resource based on group membership. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Group struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec GroupSpec `json:"spec"` - Status GroupStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.include) || (has(self.initProvider) && has(self.initProvider.include))",message="spec.forProvider.include is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec GroupSpec `json:"spec"` + Status GroupStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_groupversion_info.go b/apis/access/v1alpha1/zz_groupversion_info.go index cb1c74a..a3b2155 100755 --- a/apis/access/v1alpha1/zz_groupversion_info.go +++ b/apis/access/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/access/v1alpha1/zz_identityprovider_terraformed.go b/apis/access/v1alpha1/zz_identityprovider_terraformed.go new file mode 100755 index 0000000..4dd4564 --- /dev/null +++ b/apis/access/v1alpha1/zz_identityprovider_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this IdentityProvider +func (mg *IdentityProvider) GetTerraformResourceType() string { + return "cloudflare_access_identity_provider" +} + +// GetConnectionDetailsMapping for this IdentityProvider +func (tr *IdentityProvider) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this IdentityProvider +func (tr *IdentityProvider) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this IdentityProvider +func (tr *IdentityProvider) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this IdentityProvider +func (tr *IdentityProvider) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this IdentityProvider +func (tr *IdentityProvider) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this IdentityProvider +func (tr *IdentityProvider) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this IdentityProvider +func (tr *IdentityProvider) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this IdentityProvider +func (tr *IdentityProvider) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this IdentityProvider using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *IdentityProvider) LateInitialize(attrs []byte) (bool, error) { + params := &IdentityProviderParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *IdentityProvider) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_identityprovider_types.go b/apis/access/v1alpha1/zz_identityprovider_types.go index 755a13c..74d6f0a 100755 --- a/apis/access/v1alpha1/zz_identityprovider_types.go +++ b/apis/access/v1alpha1/zz_identityprovider_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,81 +17,295 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ConfigInitParameters struct { + + // (String) + APIToken *string `json:"apiToken,omitempty" tf:"api_token,omitempty"` + + // (String) + AppsDomain *string `json:"appsDomain,omitempty" tf:"apps_domain,omitempty"` + + // (List of String) + Attributes []*string `json:"attributes,omitempty" tf:"attributes,omitempty"` + + // (String) + AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + + // (String) + CentrifyAccount *string `json:"centrifyAccount,omitempty" tf:"centrify_account,omitempty"` + + // (String) + CentrifyAppID *string `json:"centrifyAppId,omitempty" tf:"centrify_app_id,omitempty"` + + // (String) + CertsURL *string `json:"certsUrl,omitempty" tf:"certs_url,omitempty"` + + // (String) + ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + + // (String) + ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` + + // (String) + DirectoryID *string `json:"directoryId,omitempty" tf:"directory_id,omitempty"` + + // (String) + EmailAttributeName *string `json:"emailAttributeName,omitempty" tf:"email_attribute_name,omitempty"` + + // (String) + IdpPublicCert *string `json:"idpPublicCert,omitempty" tf:"idp_public_cert,omitempty"` + + // (String) + IssuerURL *string `json:"issuerUrl,omitempty" tf:"issuer_url,omitempty"` + + // (String) + OktaAccount *string `json:"oktaAccount,omitempty" tf:"okta_account,omitempty"` + + // (String) + OneloginAccount *string `json:"oneloginAccount,omitempty" tf:"onelogin_account,omitempty"` + + // (Boolean) + PkceEnabled *bool `json:"pkceEnabled,omitempty" tf:"pkce_enabled,omitempty"` + + // (String) + RedirectURL *string `json:"redirectUrl,omitempty" tf:"redirect_url,omitempty"` + + // (Boolean) + SignRequest *bool `json:"signRequest,omitempty" tf:"sign_request,omitempty"` + + // (String) + SsoTargetURL *string `json:"ssoTargetUrl,omitempty" tf:"sso_target_url,omitempty"` + + // (Boolean) + SupportGroups *bool `json:"supportGroups,omitempty" tf:"support_groups,omitempty"` + + // (String) + TokenURL *string `json:"tokenUrl,omitempty" tf:"token_url,omitempty"` +} + type ConfigObservation struct { + + // (String) + APIToken *string `json:"apiToken,omitempty" tf:"api_token,omitempty"` + + // (String) + AppsDomain *string `json:"appsDomain,omitempty" tf:"apps_domain,omitempty"` + + // (List of String) + Attributes []*string `json:"attributes,omitempty" tf:"attributes,omitempty"` + + // (String) + AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + + // (String) + CentrifyAccount *string `json:"centrifyAccount,omitempty" tf:"centrify_account,omitempty"` + + // (String) + CentrifyAppID *string `json:"centrifyAppId,omitempty" tf:"centrify_app_id,omitempty"` + + // (String) + CertsURL *string `json:"certsUrl,omitempty" tf:"certs_url,omitempty"` + + // (String) + ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + + // (String) + ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` + + // (String) + DirectoryID *string `json:"directoryId,omitempty" tf:"directory_id,omitempty"` + + // (String) + EmailAttributeName *string `json:"emailAttributeName,omitempty" tf:"email_attribute_name,omitempty"` + + // (String) + IdpPublicCert *string `json:"idpPublicCert,omitempty" tf:"idp_public_cert,omitempty"` + + // (String) + IssuerURL *string `json:"issuerUrl,omitempty" tf:"issuer_url,omitempty"` + + // (String) + OktaAccount *string `json:"oktaAccount,omitempty" tf:"okta_account,omitempty"` + + // (String) + OneloginAccount *string `json:"oneloginAccount,omitempty" tf:"onelogin_account,omitempty"` + + // (Boolean) + PkceEnabled *bool `json:"pkceEnabled,omitempty" tf:"pkce_enabled,omitempty"` + + // (String) + RedirectURL *string `json:"redirectUrl,omitempty" tf:"redirect_url,omitempty"` + + // (Boolean) + SignRequest *bool `json:"signRequest,omitempty" tf:"sign_request,omitempty"` + + // (String) + SsoTargetURL *string `json:"ssoTargetUrl,omitempty" tf:"sso_target_url,omitempty"` + + // (Boolean) + SupportGroups *bool `json:"supportGroups,omitempty" tf:"support_groups,omitempty"` + + // (String) + TokenURL *string `json:"tokenUrl,omitempty" tf:"token_url,omitempty"` } type ConfigParameters struct { + // (String) // +kubebuilder:validation:Optional APIToken *string `json:"apiToken,omitempty" tf:"api_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AppsDomain *string `json:"appsDomain,omitempty" tf:"apps_domain,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Attributes []*string `json:"attributes,omitempty" tf:"attributes,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + // (String) // +kubebuilder:validation:Optional CentrifyAccount *string `json:"centrifyAccount,omitempty" tf:"centrify_account,omitempty"` + // (String) // +kubebuilder:validation:Optional CentrifyAppID *string `json:"centrifyAppId,omitempty" tf:"centrify_app_id,omitempty"` + // (String) // +kubebuilder:validation:Optional CertsURL *string `json:"certsUrl,omitempty" tf:"certs_url,omitempty"` + // (String) // +kubebuilder:validation:Optional ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + // (String) // +kubebuilder:validation:Optional ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` + // (String) // +kubebuilder:validation:Optional DirectoryID *string `json:"directoryId,omitempty" tf:"directory_id,omitempty"` + // (String) // +kubebuilder:validation:Optional EmailAttributeName *string `json:"emailAttributeName,omitempty" tf:"email_attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional IdpPublicCert *string `json:"idpPublicCert,omitempty" tf:"idp_public_cert,omitempty"` + // (String) // +kubebuilder:validation:Optional IssuerURL *string `json:"issuerUrl,omitempty" tf:"issuer_url,omitempty"` + // (String) // +kubebuilder:validation:Optional OktaAccount *string `json:"oktaAccount,omitempty" tf:"okta_account,omitempty"` + // (String) // +kubebuilder:validation:Optional OneloginAccount *string `json:"oneloginAccount,omitempty" tf:"onelogin_account,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional PkceEnabled *bool `json:"pkceEnabled,omitempty" tf:"pkce_enabled,omitempty"` + // (String) // +kubebuilder:validation:Optional RedirectURL *string `json:"redirectUrl,omitempty" tf:"redirect_url,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional SignRequest *bool `json:"signRequest,omitempty" tf:"sign_request,omitempty"` + // (String) // +kubebuilder:validation:Optional SsoTargetURL *string `json:"ssoTargetUrl,omitempty" tf:"sso_target_url,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional SupportGroups *bool `json:"supportGroups,omitempty" tf:"support_groups,omitempty"` + // (String) // +kubebuilder:validation:Optional TokenURL *string `json:"tokenUrl,omitempty" tf:"token_url,omitempty"` } +type IdentityProviderInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block List) Provider configuration from the developer documentation. (see below for nested schema) + // Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). + Config []ConfigInitParameters `json:"config,omitempty" tf:"config,omitempty"` + + // (String) Friendly name of the Access Identity Provider configuration. + // Friendly name of the Access Identity Provider configuration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. + // The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type IdentityProviderObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block List) Provider configuration from the developer documentation. (see below for nested schema) + // Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). + Config []ConfigObservation `json:"config,omitempty" tf:"config,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Friendly name of the Access Identity Provider configuration. + // Friendly name of the Access Identity Provider configuration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. + // The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type IdentityProviderParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -101,18 +319,22 @@ type IdentityProviderParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Block List) Provider configuration from the developer documentation. (see below for nested schema) // Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). // +kubebuilder:validation:Optional Config []ConfigParameters `json:"config,omitempty" tf:"config,omitempty"` + // (String) Friendly name of the Access Identity Provider configuration. // Friendly name of the Access Identity Provider configuration. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. // The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -131,6 +353,17 @@ type IdentityProviderParameters struct { type IdentityProviderSpec struct { v1.ResourceSpec `json:",inline"` ForProvider IdentityProviderParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider IdentityProviderInitParameters `json:"initProvider,omitempty"` } // IdentityProviderStatus defines the observed state of IdentityProvider. @@ -140,19 +373,22 @@ type IdentityProviderStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// IdentityProvider is the Schema for the IdentityProviders API. +// IdentityProvider is the Schema for the IdentityProviders API. Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type IdentityProvider struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec IdentityProviderSpec `json:"spec"` - Status IdentityProviderStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec IdentityProviderSpec `json:"spec"` + Status IdentityProviderStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_keysconfiguration_terraformed.go b/apis/access/v1alpha1/zz_keysconfiguration_terraformed.go new file mode 100755 index 0000000..7b76fab --- /dev/null +++ b/apis/access/v1alpha1/zz_keysconfiguration_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this KeysConfiguration +func (mg *KeysConfiguration) GetTerraformResourceType() string { + return "cloudflare_access_keys_configuration" +} + +// GetConnectionDetailsMapping for this KeysConfiguration +func (tr *KeysConfiguration) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this KeysConfiguration +func (tr *KeysConfiguration) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this KeysConfiguration +func (tr *KeysConfiguration) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this KeysConfiguration +func (tr *KeysConfiguration) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this KeysConfiguration +func (tr *KeysConfiguration) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this KeysConfiguration +func (tr *KeysConfiguration) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this KeysConfiguration +func (tr *KeysConfiguration) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this KeysConfiguration +func (tr *KeysConfiguration) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this KeysConfiguration using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *KeysConfiguration) LateInitialize(attrs []byte) (bool, error) { + params := &KeysConfigurationParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *KeysConfiguration) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_keysconfiguration_types.go b/apis/access/v1alpha1/zz_keysconfiguration_types.go index 960b805..21d0a70 100755 --- a/apis/access/v1alpha1/zz_keysconfiguration_types.go +++ b/apis/access/v1alpha1/zz_keysconfiguration_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,8 +17,33 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type KeysConfigurationInitParameters struct { + + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Number of days to trigger a rotation of the keys. + KeyRotationIntervalDays *float64 `json:"keyRotationIntervalDays,omitempty" tf:"key_rotation_interval_days,omitempty"` +} + type KeysConfigurationObservation struct { + + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Number of days to trigger a rotation of the keys. + KeyRotationIntervalDays *float64 `json:"keyRotationIntervalDays,omitempty" tf:"key_rotation_interval_days,omitempty"` } type KeysConfigurationParameters struct { @@ -41,6 +70,17 @@ type KeysConfigurationParameters struct { type KeysConfigurationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider KeysConfigurationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider KeysConfigurationInitParameters `json:"initProvider,omitempty"` } // KeysConfigurationStatus defines the observed state of KeysConfiguration. @@ -50,13 +90,14 @@ type KeysConfigurationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion // KeysConfiguration is the Schema for the KeysConfigurations API. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type KeysConfiguration struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/access/v1alpha1/zz_mutualtlscertificate_terraformed.go b/apis/access/v1alpha1/zz_mutualtlscertificate_terraformed.go new file mode 100755 index 0000000..24693bd --- /dev/null +++ b/apis/access/v1alpha1/zz_mutualtlscertificate_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this MutualTLSCertificate +func (mg *MutualTLSCertificate) GetTerraformResourceType() string { + return "cloudflare_access_mutual_tls_certificate" +} + +// GetConnectionDetailsMapping for this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this MutualTLSCertificate +func (tr *MutualTLSCertificate) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this MutualTLSCertificate +func (tr *MutualTLSCertificate) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this MutualTLSCertificate +func (tr *MutualTLSCertificate) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this MutualTLSCertificate using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *MutualTLSCertificate) LateInitialize(attrs []byte) (bool, error) { + params := &MutualTLSCertificateParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *MutualTLSCertificate) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_mutualtlscertificate_types.go b/apis/access/v1alpha1/zz_mutualtlscertificate_types.go index a6edcc7..1f14235 100755 --- a/apis/access/v1alpha1/zz_mutualtlscertificate_types.go +++ b/apis/access/v1alpha1/zz_mutualtlscertificate_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,14 +17,79 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type MutualTLSCertificateInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (List of String) The hostnames that will be prompted for this certificate. + // The hostnames that will be prompted for this certificate. + AssociatedHostnames []*string `json:"associatedHostnames,omitempty" tf:"associated_hostnames,omitempty"` + + // (String) The Root CA for your certificates. + // The Root CA for your certificates. + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) The name of the certificate. + // The name of the certificate. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type MutualTLSCertificateObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (List of String) The hostnames that will be prompted for this certificate. + // The hostnames that will be prompted for this certificate. + AssociatedHostnames []*string `json:"associatedHostnames,omitempty" tf:"associated_hostnames,omitempty"` + + // (String) The Root CA for your certificates. + // The Root CA for your certificates. + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) Fingerprint *string `json:"fingerprint,omitempty" tf:"fingerprint,omitempty"` + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the certificate. + // The name of the certificate. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type MutualTLSCertificateParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -34,18 +103,22 @@ type MutualTLSCertificateParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (List of String) The hostnames that will be prompted for this certificate. // The hostnames that will be prompted for this certificate. // +kubebuilder:validation:Optional AssociatedHostnames []*string `json:"associatedHostnames,omitempty" tf:"associated_hostnames,omitempty"` + // (String) The Root CA for your certificates. // The Root CA for your certificates. // +kubebuilder:validation:Optional Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) The name of the certificate. // The name of the certificate. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -64,6 +137,17 @@ type MutualTLSCertificateParameters struct { type MutualTLSCertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider MutualTLSCertificateParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider MutualTLSCertificateInitParameters `json:"initProvider,omitempty"` } // MutualTLSCertificateStatus defines the observed state of MutualTLSCertificate. @@ -73,19 +157,21 @@ type MutualTLSCertificateStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// MutualTLSCertificate is the Schema for the MutualTLSCertificates API. +// MutualTLSCertificate is the Schema for the MutualTLSCertificates API. Provides a Cloudflare Access Mutual TLS Certificate resource. Mutual TLS authentication ensures that the traffic is secure and trusted in both directions between a client and server and can be used with Access to only allows requests from devices with a corresponding client certificate. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type MutualTLSCertificate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec MutualTLSCertificateSpec `json:"spec"` - Status MutualTLSCertificateStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec MutualTLSCertificateSpec `json:"spec"` + Status MutualTLSCertificateStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_organization_terraformed.go b/apis/access/v1alpha1/zz_organization_terraformed.go new file mode 100755 index 0000000..f7a7213 --- /dev/null +++ b/apis/access/v1alpha1/zz_organization_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Organization +func (mg *Organization) GetTerraformResourceType() string { + return "cloudflare_access_organization" +} + +// GetConnectionDetailsMapping for this Organization +func (tr *Organization) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Organization +func (tr *Organization) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Organization +func (tr *Organization) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Organization +func (tr *Organization) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Organization +func (tr *Organization) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Organization +func (tr *Organization) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Organization +func (tr *Organization) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Organization +func (tr *Organization) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Organization using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Organization) LateInitialize(attrs []byte) (bool, error) { + params := &OrganizationParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Organization) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_organization_types.go b/apis/access/v1alpha1/zz_organization_types.go index ca96a96..aae3e4a 100755 --- a/apis/access/v1alpha1/zz_organization_types.go +++ b/apis/access/v1alpha1/zz_organization_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,38 +17,156 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type LoginDesignInitParameters struct { + + // (String) The background color on the login page. + // The background color on the login page. + BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + + // (String) The text at the bottom of the login page. + // The text at the bottom of the login page. + FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + + // (String) The text at the top of the login page. + // The text at the top of the login page. + HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + + // (String) The URL of the logo on the login page. + // The URL of the logo on the login page. + LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + + // (String) The text color on the login page. + // The text color on the login page. + TextColor *string `json:"textColor,omitempty" tf:"text_color,omitempty"` +} + type LoginDesignObservation struct { + + // (String) The background color on the login page. + // The background color on the login page. + BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + + // (String) The text at the bottom of the login page. + // The text at the bottom of the login page. + FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + + // (String) The text at the top of the login page. + // The text at the top of the login page. + HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + + // (String) The URL of the logo on the login page. + // The URL of the logo on the login page. + LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + + // (String) The text color on the login page. + // The text color on the login page. + TextColor *string `json:"textColor,omitempty" tf:"text_color,omitempty"` } type LoginDesignParameters struct { + // (String) The background color on the login page. // The background color on the login page. // +kubebuilder:validation:Optional BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + // (String) The text at the bottom of the login page. // The text at the bottom of the login page. // +kubebuilder:validation:Optional FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + // (String) The text at the top of the login page. // The text at the top of the login page. // +kubebuilder:validation:Optional HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + // (String) The URL of the logo on the login page. // The URL of the logo on the login page. // +kubebuilder:validation:Optional LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + // (String) The text color on the login page. // The text color on the login page. // +kubebuilder:validation:Optional TextColor *string `json:"textColor,omitempty" tf:"text_color,omitempty"` } +type OrganizationInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The unique subdomain assigned to your Zero Trust organization. + // The unique subdomain assigned to your Zero Trust organization. + AuthDomain *string `json:"authDomain,omitempty" tf:"auth_domain,omitempty"` + + // (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + // When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + IsUIReadOnly *bool `json:"isUiReadOnly,omitempty" tf:"is_ui_read_only,omitempty"` + + // (Block List) (see below for nested schema) + LoginDesign []LoginDesignInitParameters `json:"loginDesign,omitempty" tf:"login_design,omitempty"` + + // (String) The name of your Zero Trust organization. + // The name of your Zero Trust organization. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type OrganizationObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The unique subdomain assigned to your Zero Trust organization. + // The unique subdomain assigned to your Zero Trust organization. + AuthDomain *string `json:"authDomain,omitempty" tf:"auth_domain,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + // When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + IsUIReadOnly *bool `json:"isUiReadOnly,omitempty" tf:"is_ui_read_only,omitempty"` + + // (Block List) (see below for nested schema) + LoginDesign []LoginDesignObservation `json:"loginDesign,omitempty" tf:"login_design,omitempty"` + + // (String) The name of your Zero Trust organization. + // The name of your Zero Trust organization. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type OrganizationParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -58,21 +180,26 @@ type OrganizationParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The unique subdomain assigned to your Zero Trust organization. // The unique subdomain assigned to your Zero Trust organization. - // +kubebuilder:validation:Required - AuthDomain *string `json:"authDomain" tf:"auth_domain,omitempty"` + // +kubebuilder:validation:Optional + AuthDomain *string `json:"authDomain,omitempty" tf:"auth_domain,omitempty"` + // (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. // When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. // +kubebuilder:validation:Optional IsUIReadOnly *bool `json:"isUiReadOnly,omitempty" tf:"is_ui_read_only,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional LoginDesign []LoginDesignParameters `json:"loginDesign,omitempty" tf:"login_design,omitempty"` + // (String) The name of your Zero Trust organization. // The name of your Zero Trust organization. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -91,6 +218,17 @@ type OrganizationParameters struct { type OrganizationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider OrganizationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider OrganizationInitParameters `json:"initProvider,omitempty"` } // OrganizationStatus defines the observed state of Organization. @@ -100,19 +238,21 @@ type OrganizationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Organization is the Schema for the Organizations API. +// Organization is the Schema for the Organizations API. A Zero Trust organization defines the user login experience. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Organization struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec OrganizationSpec `json:"spec"` - Status OrganizationStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.authDomain) || (has(self.initProvider) && has(self.initProvider.authDomain))",message="spec.forProvider.authDomain is a required parameter" + Spec OrganizationSpec `json:"spec"` + Status OrganizationStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_policy_terraformed.go b/apis/access/v1alpha1/zz_policy_terraformed.go new file mode 100755 index 0000000..2702217 --- /dev/null +++ b/apis/access/v1alpha1/zz_policy_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Policy +func (mg *Policy) GetTerraformResourceType() string { + return "cloudflare_access_policy" +} + +// GetConnectionDetailsMapping for this Policy +func (tr *Policy) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Policy +func (tr *Policy) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Policy +func (tr *Policy) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Policy +func (tr *Policy) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Policy +func (tr *Policy) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Policy +func (tr *Policy) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Policy +func (tr *Policy) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Policy +func (tr *Policy) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Policy using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Policy) LateInitialize(attrs []byte) (bool, error) { + params := &PolicyParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Policy) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_policy_types.go b/apis/access/v1alpha1/zz_policy_types.go index e70ac76..077c7d86 100755 --- a/apis/access/v1alpha1/zz_policy_types.go +++ b/apis/access/v1alpha1/zz_policy_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,311 +17,976 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ApprovalGroupInitParameters struct { + + // (Number) Number of approvals needed. + // Number of approvals needed. + ApprovalsNeeded *float64 `json:"approvalsNeeded,omitempty" tf:"approvals_needed,omitempty"` + + // (List of String) List of emails to request approval from. + // List of emails to request approval from. + EmailAddresses []*string `json:"emailAddresses,omitempty" tf:"email_addresses,omitempty"` + + // (String) + EmailListUUID *string `json:"emailListUuid,omitempty" tf:"email_list_uuid,omitempty"` +} + type ApprovalGroupObservation struct { + + // (Number) Number of approvals needed. + // Number of approvals needed. + ApprovalsNeeded *float64 `json:"approvalsNeeded,omitempty" tf:"approvals_needed,omitempty"` + + // (List of String) List of emails to request approval from. + // List of emails to request approval from. + EmailAddresses []*string `json:"emailAddresses,omitempty" tf:"email_addresses,omitempty"` + + // (String) + EmailListUUID *string `json:"emailListUuid,omitempty" tf:"email_list_uuid,omitempty"` } type ApprovalGroupParameters struct { + // (Number) Number of approvals needed. // Number of approvals needed. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional ApprovalsNeeded *float64 `json:"approvalsNeeded" tf:"approvals_needed,omitempty"` + // (List of String) List of emails to request approval from. // List of emails to request approval from. // +kubebuilder:validation:Optional EmailAddresses []*string `json:"emailAddresses,omitempty" tf:"email_addresses,omitempty"` + // (String) // +kubebuilder:validation:Optional EmailListUUID *string `json:"emailListUuid,omitempty" tf:"email_list_uuid,omitempty"` } +type ExcludeAzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type ExcludeAzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type ExcludeAzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type ExcludeExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type ExcludeExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type ExcludeExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type ExcludeGithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type ExcludeGithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type ExcludeGithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type ExcludeGsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type ExcludeGsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type ExcludeGsuiteParameters struct { + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type ExcludeOktaInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` +} + type ExcludeOktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type ExcludeOktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } +type ExcludeSAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type ExcludeSAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type ExcludeSAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type PolicyExcludeInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []ExcludeAzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []ExcludeExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []ExcludeGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []ExcludeGsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []ExcludeOktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []ExcludeSAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + type PolicyExcludeObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []ExcludeAzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []ExcludeExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []ExcludeGithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []ExcludeGsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []ExcludeOktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []ExcludeSAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } type PolicyExcludeParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []ExcludeAzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []ExcludeExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []ExcludeGithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []ExcludeGsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []ExcludeOktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []ExcludeSAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type PolicyIncludeAzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyIncludeAzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyIncludeAzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type PolicyIncludeExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type PolicyIncludeExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type PolicyIncludeExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type PolicyIncludeGithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type PolicyIncludeGithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type PolicyIncludeGithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type PolicyIncludeGsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyIncludeGsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyIncludeGsuiteParameters struct { + // (List of String) + // +kubebuilder:validation:Optional + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) // +kubebuilder:validation:Optional + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + +type PolicyIncludeInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []PolicyIncludeAzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) Email []*string `json:"email,omitempty" tf:"email,omitempty"` - // +kubebuilder:validation:Optional + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []PolicyIncludeExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []PolicyIncludeGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []PolicyIncludeGsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []PolicyIncludeOktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []PolicyIncludeSAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + +type PolicyIncludeObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []PolicyIncludeAzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []PolicyIncludeExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []PolicyIncludeGithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []PolicyIncludeGsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []PolicyIncludeOktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []PolicyIncludeSAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + +type PolicyIncludeOktaInitParameters struct { + + // (String) IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` -} -type PolicyIncludeObservation struct { + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyIncludeOktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyIncludeOktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyIncludeParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []PolicyIncludeAzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []PolicyIncludeExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []PolicyIncludeGithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []PolicyIncludeGsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []PolicyIncludeOktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []PolicyIncludeSAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type PolicyIncludeSAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyIncludeSAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyIncludeSAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type PolicyInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The ID of the application the policy is associated with. + // The ID of the application the policy is associated with. + // +crossplane:generate:reference:type=Application + ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"` + + // Reference to a Application to populate applicationId. + // +kubebuilder:validation:Optional + ApplicationIDRef *v1.Reference `json:"applicationIdRef,omitempty" tf:"-"` + + // Selector for a Application to populate applicationId. + // +kubebuilder:validation:Optional + ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"` + + // (Block List) (see below for nested schema) + ApprovalGroup []ApprovalGroupInitParameters `json:"approvalGroup,omitempty" tf:"approval_group,omitempty"` + + // (Boolean) + ApprovalRequired *bool `json:"approvalRequired,omitempty" tf:"approval_required,omitempty"` + + // (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. + // Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. + Decision *string `json:"decision,omitempty" tf:"decision,omitempty"` + + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Exclude []PolicyExcludeInitParameters `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Include []PolicyIncludeInitParameters `json:"include,omitempty" tf:"include,omitempty"` + + // (String) Friendly name of the Access Policy. + // Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The unique precedence for policies on a single application. + // The unique precedence for policies on a single application. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + // The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. + PurposeJustificationPrompt *string `json:"purposeJustificationPrompt,omitempty" tf:"purpose_justification_prompt,omitempty"` + + // (Boolean) Whether to prompt the user for a justification for accessing the resource. + // Whether to prompt the user for a justification for accessing the resource. + PurposeJustificationRequired *bool `json:"purposeJustificationRequired,omitempty" tf:"purpose_justification_required,omitempty"` + + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Require []PolicyRequireInitParameters `json:"require,omitempty" tf:"require,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type PolicyObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of the application the policy is associated with. + // The ID of the application the policy is associated with. + ApplicationID *string `json:"applicationId,omitempty" tf:"application_id,omitempty"` + + // (Block List) (see below for nested schema) + ApprovalGroup []ApprovalGroupObservation `json:"approvalGroup,omitempty" tf:"approval_group,omitempty"` + + // (Boolean) + ApprovalRequired *bool `json:"approvalRequired,omitempty" tf:"approval_required,omitempty"` + + // (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. + // Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. + Decision *string `json:"decision,omitempty" tf:"decision,omitempty"` + + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Exclude []PolicyExcludeObservation `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Include []PolicyIncludeObservation `json:"include,omitempty" tf:"include,omitempty"` + + // (String) Friendly name of the Access Policy. + // Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The unique precedence for policies on a single application. + // The unique precedence for policies on a single application. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + // The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. + PurposeJustificationPrompt *string `json:"purposeJustificationPrompt,omitempty" tf:"purpose_justification_prompt,omitempty"` + + // (Boolean) Whether to prompt the user for a justification for accessing the resource. + // Whether to prompt the user for a justification for accessing the resource. + PurposeJustificationRequired *bool `json:"purposeJustificationRequired,omitempty" tf:"purpose_justification_required,omitempty"` + + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + Require []PolicyRequireObservation `json:"require,omitempty" tf:"require,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type PolicyParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -331,6 +1000,7 @@ type PolicyParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The ID of the application the policy is associated with. // The ID of the application the policy is associated with. // +crossplane:generate:reference:type=Application // +kubebuilder:validation:Optional @@ -344,44 +1014,55 @@ type PolicyParameters struct { // +kubebuilder:validation:Optional ApplicationIDSelector *v1.Selector `json:"applicationIdSelector,omitempty" tf:"-"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional ApprovalGroup []ApprovalGroupParameters `json:"approvalGroup,omitempty" tf:"approval_group,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional ApprovalRequired *bool `json:"approvalRequired,omitempty" tf:"approval_required,omitempty"` + // (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. // Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. - // +kubebuilder:validation:Required - Decision *string `json:"decision" tf:"decision,omitempty"` + // +kubebuilder:validation:Optional + Decision *string `json:"decision,omitempty" tf:"decision,omitempty"` + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). // +kubebuilder:validation:Optional Exclude []PolicyExcludeParameters `json:"exclude,omitempty" tf:"exclude,omitempty"` + // (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). - // +kubebuilder:validation:Required - Include []PolicyIncludeParameters `json:"include" tf:"include,omitempty"` + // +kubebuilder:validation:Optional + Include []PolicyIncludeParameters `json:"include,omitempty" tf:"include,omitempty"` + // (String) Friendly name of the Access Policy. // Friendly name of the Access Policy. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Number) The unique precedence for policies on a single application. // The unique precedence for policies on a single application. - // +kubebuilder:validation:Required - Precedence *float64 `json:"precedence" tf:"precedence,omitempty"` + // +kubebuilder:validation:Optional + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + // (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. // The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. // +kubebuilder:validation:Optional PurposeJustificationPrompt *string `json:"purposeJustificationPrompt,omitempty" tf:"purpose_justification_prompt,omitempty"` + // (Boolean) Whether to prompt the user for a justification for accessing the resource. // Whether to prompt the user for a justification for accessing the resource. // +kubebuilder:validation:Optional PurposeJustificationRequired *bool `json:"purposeJustificationRequired,omitempty" tf:"purpose_justification_required,omitempty"` + // (Block List) A series of access conditions, see Access Groups. (see below for nested schema) // A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). // +kubebuilder:validation:Optional Require []PolicyRequireParameters `json:"require,omitempty" tf:"require,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -396,143 +1077,395 @@ type PolicyParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type PolicyRequireAzureInitParameters struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyRequireAzureObservation struct { + + // (String) The ID of this resource. + ID []*string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyRequireAzureParameters struct { + // (String) The ID of this resource. // +kubebuilder:validation:Optional ID []*string `json:"id,omitempty" tf:"id,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type PolicyRequireExternalEvaluationInitParameters struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` +} + type PolicyRequireExternalEvaluationObservation struct { + + // (String) + EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + + // (String) + KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } type PolicyRequireExternalEvaluationParameters struct { + // (String) // +kubebuilder:validation:Optional EvaluateURL *string `json:"evaluateUrl,omitempty" tf:"evaluate_url,omitempty"` + // (String) // +kubebuilder:validation:Optional KeysURL *string `json:"keysUrl,omitempty" tf:"keys_url,omitempty"` } +type PolicyRequireGithubInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` +} + type PolicyRequireGithubObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (List of String) + Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } type PolicyRequireGithubParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Teams []*string `json:"teams,omitempty" tf:"teams,omitempty"` } +type PolicyRequireGsuiteInitParameters struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyRequireGsuiteObservation struct { + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyRequireGsuiteParameters struct { + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } +type PolicyRequireInitParameters struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []PolicyRequireAzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []PolicyRequireExternalEvaluationInitParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []PolicyRequireGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []PolicyRequireGsuiteInitParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []PolicyRequireOktaInitParameters `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []PolicyRequireSAMLInitParameters `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + type PolicyRequireObservation struct { + + // (Boolean) + AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + + // (String) + AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + + // (Block List) (see below for nested schema) + Azure []PolicyRequireAzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` + + // (Boolean) + Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // (String) + CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + + // (List of String) + DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // (List of String) + Email []*string `json:"email,omitempty" tf:"email,omitempty"` + + // (List of String) + EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + + // (Boolean) + Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + ExternalEvaluation []PolicyRequireExternalEvaluationObservation `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + + // (List of String) + Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Block List) (see below for nested schema) + Github []PolicyRequireGithubObservation `json:"github,omitempty" tf:"github,omitempty"` + + // (List of String) + Group []*string `json:"group,omitempty" tf:"group,omitempty"` + + // (Block List) (see below for nested schema) + Gsuite []PolicyRequireGsuiteObservation `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + + // (List of String) + IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (List of String) + LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + + // (Block List) (see below for nested schema) + Okta []PolicyRequireOktaObservation `json:"okta,omitempty" tf:"okta,omitempty"` + + // (Block List) (see below for nested schema) + SAML []PolicyRequireSAMLObservation `json:"saml,omitempty" tf:"saml,omitempty"` + + // (List of String) + ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` +} + +type PolicyRequireOktaInitParameters struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyRequireOktaObservation struct { + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + + // (String) Friendly name of the Access Policy. + Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyRequireOktaParameters struct { + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` + // (String) Friendly name of the Access Policy. // +kubebuilder:validation:Optional Name []*string `json:"name,omitempty" tf:"name,omitempty"` } type PolicyRequireParameters struct { + // (Boolean) // +kubebuilder:validation:Optional AnyValidServiceToken *bool `json:"anyValidServiceToken,omitempty" tf:"any_valid_service_token,omitempty"` + // (String) // +kubebuilder:validation:Optional AuthMethod *string `json:"authMethod,omitempty" tf:"auth_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Azure []PolicyRequireAzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Certificate *bool `json:"certificate,omitempty" tf:"certificate,omitempty"` + // (String) // +kubebuilder:validation:Optional CommonName *string `json:"commonName,omitempty" tf:"common_name,omitempty"` + // (List of String) // +kubebuilder:validation:Optional DevicePosture []*string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Email []*string `json:"email,omitempty" tf:"email,omitempty"` + // (List of String) // +kubebuilder:validation:Optional EmailDomain []*string `json:"emailDomain,omitempty" tf:"email_domain,omitempty"` + // (Boolean) // +kubebuilder:validation:Optional Everyone *bool `json:"everyone,omitempty" tf:"everyone,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional ExternalEvaluation []PolicyRequireExternalEvaluationParameters `json:"externalEvaluation,omitempty" tf:"external_evaluation,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Geo []*string `json:"geo,omitempty" tf:"geo,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Github []PolicyRequireGithubParameters `json:"github,omitempty" tf:"github,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Group []*string `json:"group,omitempty" tf:"group,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Gsuite []PolicyRequireGsuiteParameters `json:"gsuite,omitempty" tf:"gsuite,omitempty"` + // (List of String) // +kubebuilder:validation:Optional IP []*string `json:"ip,omitempty" tf:"ip,omitempty"` + // (List of String) // +kubebuilder:validation:Optional LoginMethod []*string `json:"loginMethod,omitempty" tf:"login_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Okta []PolicyRequireOktaParameters `json:"okta,omitempty" tf:"okta,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional SAML []PolicyRequireSAMLParameters `json:"saml,omitempty" tf:"saml,omitempty"` + // (List of String) // +kubebuilder:validation:Optional ServiceToken []*string `json:"serviceToken,omitempty" tf:"service_token,omitempty"` } +type PolicyRequireSAMLInitParameters struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` +} + type PolicyRequireSAMLObservation struct { + + // (String) + AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + + // (String) + AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + + // (String) + IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } type PolicyRequireSAMLParameters struct { + // (String) // +kubebuilder:validation:Optional AttributeName *string `json:"attributeName,omitempty" tf:"attribute_name,omitempty"` + // (String) // +kubebuilder:validation:Optional AttributeValue *string `json:"attributeValue,omitempty" tf:"attribute_value,omitempty"` + // (String) // +kubebuilder:validation:Optional IdentityProviderID *string `json:"identityProviderId,omitempty" tf:"identity_provider_id,omitempty"` } @@ -541,6 +1474,17 @@ type PolicyRequireSAMLParameters struct { type PolicySpec struct { v1.ResourceSpec `json:",inline"` ForProvider PolicyParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PolicyInitParameters `json:"initProvider,omitempty"` } // PolicyStatus defines the observed state of Policy. @@ -550,19 +1494,24 @@ type PolicyStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Policy is the Schema for the Policys API. +// Policy is the Schema for the Policys API. Provides a Cloudflare Access Policy resource. Access Policies are used in conjunction with Access Applications to restrict access to a particular resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Policy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PolicySpec `json:"spec"` - Status PolicyStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.decision) || (has(self.initProvider) && has(self.initProvider.decision))",message="spec.forProvider.decision is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.include) || (has(self.initProvider) && has(self.initProvider.include))",message="spec.forProvider.include is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.precedence) || (has(self.initProvider) && has(self.initProvider.precedence))",message="spec.forProvider.precedence is a required parameter" + Spec PolicySpec `json:"spec"` + Status PolicyStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_rule_terraformed.go b/apis/access/v1alpha1/zz_rule_terraformed.go new file mode 100755 index 0000000..f14de77 --- /dev/null +++ b/apis/access/v1alpha1/zz_rule_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Rule +func (mg *Rule) GetTerraformResourceType() string { + return "cloudflare_access_rule" +} + +// GetConnectionDetailsMapping for this Rule +func (tr *Rule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Rule +func (tr *Rule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Rule +func (tr *Rule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Rule +func (tr *Rule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Rule +func (tr *Rule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Rule +func (tr *Rule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Rule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { + params := &RuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Rule) GetTerraformSchemaVersion() int { + return 1 +} diff --git a/apis/access/v1alpha1/zz_rule_types.go b/apis/access/v1alpha1/zz_rule_types.go index ddce53b..0fbd672 100755 --- a/apis/access/v1alpha1/zz_rule_types.go +++ b/apis/access/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,26 +17,111 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ConfigurationInitParameters struct { + + // (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. + // The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + // The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type ConfigurationObservation struct { + + // (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. + // The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + // The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type ConfigurationParameters struct { + // (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. // The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Target *string `json:"target" tf:"target,omitempty"` + // (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. // The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Value *string `json:"value" tf:"value,omitempty"` } +type RuleInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) + // Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** + Configuration []ConfigurationInitParameters `json:"configuration,omitempty" tf:"configuration,omitempty"` + + // (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. + // The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + // A personal note about the rule. Typically used as a reminder or explanation for the rule. + Notes *string `json:"notes,omitempty" tf:"notes,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RuleObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) + // Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** + Configuration []ConfigurationObservation `json:"configuration,omitempty" tf:"configuration,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. + // The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + // A personal note about the rule. Typically used as a reminder or explanation for the rule. + Notes *string `json:"notes,omitempty" tf:"notes,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RuleParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -46,18 +135,22 @@ type RuleParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) // Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Configuration []ConfigurationParameters `json:"configuration" tf:"configuration,omitempty"` + // +kubebuilder:validation:Optional + Configuration []ConfigurationParameters `json:"configuration,omitempty" tf:"configuration,omitempty"` + // (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. // The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. - // +kubebuilder:validation:Required - Mode *string `json:"mode" tf:"mode,omitempty"` + // +kubebuilder:validation:Optional + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. // A personal note about the rule. Typically used as a reminder or explanation for the rule. // +kubebuilder:validation:Optional Notes *string `json:"notes,omitempty" tf:"notes,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -76,6 +169,17 @@ type RuleParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -85,19 +189,22 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Provides a Cloudflare IP Firewall Access Rule resource. Access control can be applied on basis of IP addresses, IP ranges, AS numbers or countries. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.configuration) || (has(self.initProvider) && has(self.initProvider.configuration))",message="spec.forProvider.configuration is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.mode) || (has(self.initProvider) && has(self.initProvider.mode))",message="spec.forProvider.mode is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/access/v1alpha1/zz_servicetoken_terraformed.go b/apis/access/v1alpha1/zz_servicetoken_terraformed.go new file mode 100755 index 0000000..0655221 --- /dev/null +++ b/apis/access/v1alpha1/zz_servicetoken_terraformed.go @@ -0,0 +1,135 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this ServiceToken +func (mg *ServiceToken) GetTerraformResourceType() string { + return "cloudflare_access_service_token" +} + +// GetConnectionDetailsMapping for this ServiceToken +func (tr *ServiceToken) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"client_secret": "status.atProvider.clientSecret"} +} + +// GetObservation of this ServiceToken +func (tr *ServiceToken) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this ServiceToken +func (tr *ServiceToken) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this ServiceToken +func (tr *ServiceToken) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this ServiceToken +func (tr *ServiceToken) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this ServiceToken +func (tr *ServiceToken) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this ServiceToken +func (tr *ServiceToken) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this ServiceToken +func (tr *ServiceToken) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this ServiceToken using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *ServiceToken) LateInitialize(attrs []byte) (bool, error) { + params := &ServiceTokenParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("AccountID")) + opts = append(opts, resource.WithNameFilter("ZoneID")) + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *ServiceToken) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/access/v1alpha1/zz_servicetoken_types.go b/apis/access/v1alpha1/zz_servicetoken_types.go index 9ae6be6..4f9023b 100755 --- a/apis/access/v1alpha1/zz_servicetoken_types.go +++ b/apis/access/v1alpha1/zz_servicetoken_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,19 +17,74 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ServiceTokenInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Defaults to 0. Defaults to `0`. + MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + + // (String) Friendly name of the token's intent. + // Friendly name of the token's intent. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type ServiceTokenObservation struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) UUID client ID associated with the Service Token. Modifying this attribute will force creation of a new resource. // UUID client ID associated with the Service Token. **Modifying this attribute will force creation of a new resource.** ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + // (String) Date when the token expires. // Date when the token expires. ExpiresAt *string `json:"expiresAt,omitempty" tf:"expires_at,omitempty"` + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Defaults to 0. Defaults to `0`. + MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + + // (String) Friendly name of the token's intent. + // Friendly name of the token's intent. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type ServiceTokenParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -39,14 +98,16 @@ type ServiceTokenParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // Defaults to `0`. + // Defaults to 0. Defaults to `0`. // +kubebuilder:validation:Optional MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + // (String) Friendly name of the token's intent. // Friendly name of the token's intent. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -65,6 +126,17 @@ type ServiceTokenParameters struct { type ServiceTokenSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ServiceTokenParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ServiceTokenInitParameters `json:"initProvider,omitempty"` } // ServiceTokenStatus defines the observed state of ServiceToken. @@ -74,19 +146,21 @@ type ServiceTokenStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// ServiceToken is the Schema for the ServiceTokens API. +// ServiceToken is the Schema for the ServiceTokens API. Access Service Tokens are used for service-to-service communication when an application is behind Cloudflare Access. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type ServiceToken struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ServiceTokenSpec `json:"spec"` - Status ServiceTokenStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec ServiceTokenSpec `json:"spec"` + Status ServiceTokenStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/account/v1alpha1/zz_account_terraformed.go b/apis/account/v1alpha1/zz_account_terraformed.go new file mode 100755 index 0000000..fc4000b --- /dev/null +++ b/apis/account/v1alpha1/zz_account_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Account +func (mg *Account) GetTerraformResourceType() string { + return "cloudflare_account" +} + +// GetConnectionDetailsMapping for this Account +func (tr *Account) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Account +func (tr *Account) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Account +func (tr *Account) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Account +func (tr *Account) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Account +func (tr *Account) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Account +func (tr *Account) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Account +func (tr *Account) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Account +func (tr *Account) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Account using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Account) LateInitialize(attrs []byte) (bool, error) { + params := &AccountParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Account) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/account/v1alpha1/zz_account_types.go b/apis/account/v1alpha1/zz_account_types.go index 643380b..5398c9c 100755 --- a/apis/account/v1alpha1/zz_account_types.go +++ b/apis/account/v1alpha1/zz_account_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,52 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AccountInitParameters struct { + + // (Boolean) Whether 2FA is enforced on the account. Defaults to false. + // Whether 2FA is enforced on the account. Defaults to `false`. + EnforceTwofactor *bool `json:"enforceTwofactor,omitempty" tf:"enforce_twofactor,omitempty"` + + // (String) The name of the account that is displayed in the Cloudflare dashboard. + // The name of the account that is displayed in the Cloudflare dashboard. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. + // Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type AccountObservation struct { + + // (Boolean) Whether 2FA is enforced on the account. Defaults to false. + // Whether 2FA is enforced on the account. Defaults to `false`. + EnforceTwofactor *bool `json:"enforceTwofactor,omitempty" tf:"enforce_twofactor,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the account that is displayed in the Cloudflare dashboard. + // The name of the account that is displayed in the Cloudflare dashboard. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. + // Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type AccountParameters struct { + // (Boolean) Whether 2FA is enforced on the account. Defaults to false. // Whether 2FA is enforced on the account. Defaults to `false`. // +kubebuilder:validation:Optional EnforceTwofactor *bool `json:"enforceTwofactor,omitempty" tf:"enforce_twofactor,omitempty"` + // (String) The name of the account that is displayed in the Cloudflare dashboard. // The name of the account that is displayed in the Cloudflare dashboard. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. // Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` @@ -36,6 +72,17 @@ type AccountParameters struct { type AccountSpec struct { v1.ResourceSpec `json:",inline"` ForProvider AccountParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider AccountInitParameters `json:"initProvider,omitempty"` } // AccountStatus defines the observed state of Account. @@ -45,19 +92,21 @@ type AccountStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Account is the Schema for the Accounts API. +// Account is the Schema for the Accounts API. Provides a Cloudflare Account resource. Account is the basic resource for working with Cloudflare zones, teams and users. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Account struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec AccountSpec `json:"spec"` - Status AccountStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec AccountSpec `json:"spec"` + Status AccountStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/account/v1alpha1/zz_apitoken_terraformed.go b/apis/account/v1alpha1/zz_apitoken_terraformed.go new file mode 100755 index 0000000..4418535 --- /dev/null +++ b/apis/account/v1alpha1/zz_apitoken_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this APIToken +func (mg *APIToken) GetTerraformResourceType() string { + return "cloudflare_api_token" +} + +// GetConnectionDetailsMapping for this APIToken +func (tr *APIToken) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"value": "status.atProvider.value"} +} + +// GetObservation of this APIToken +func (tr *APIToken) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this APIToken +func (tr *APIToken) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this APIToken +func (tr *APIToken) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this APIToken +func (tr *APIToken) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this APIToken +func (tr *APIToken) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this APIToken +func (tr *APIToken) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this APIToken +func (tr *APIToken) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this APIToken using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *APIToken) LateInitialize(attrs []byte) (bool, error) { + params := &APITokenParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *APIToken) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/account/v1alpha1/zz_apitoken_types.go b/apis/account/v1alpha1/zz_apitoken_types.go index aaf8585..a56132e 100755 --- a/apis/account/v1alpha1/zz_apitoken_types.go +++ b/apis/account/v1alpha1/zz_apitoken_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,80 +17,208 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type APITokenInitParameters struct { + + // (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) + // Conditions under which the token should be considered valid. + Condition []ConditionInitParameters `json:"condition,omitempty" tf:"condition,omitempty"` + + // (String) The expiration time on or after which the token MUST NOT be accepted for processing. + // The expiration time on or after which the token MUST NOT be accepted for processing. + ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` + + // (String) Name of the API Token. + // Name of the API Token. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The time before which the token MUST NOT be accepted for processing. + // The time before which the token MUST NOT be accepted for processing. + NotBefore *string `json:"notBefore,omitempty" tf:"not_before,omitempty"` + + // (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) + // Permissions policy. Multiple policy blocks can be defined. + Policy []PolicyInitParameters `json:"policy,omitempty" tf:"policy,omitempty"` +} + type APITokenObservation struct { + + // (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) + // Conditions under which the token should be considered valid. + Condition []ConditionObservation `json:"condition,omitempty" tf:"condition,omitempty"` + + // (String) The expiration time on or after which the token MUST NOT be accepted for processing. + // The expiration time on or after which the token MUST NOT be accepted for processing. + ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Timestamp of when the token was issued. // Timestamp of when the token was issued. IssuedOn *string `json:"issuedOn,omitempty" tf:"issued_on,omitempty"` + // (String) Timestamp of when the token was last modified. // Timestamp of when the token was last modified. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + // (String) Name of the API Token. + // Name of the API Token. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The time before which the token MUST NOT be accepted for processing. + // The time before which the token MUST NOT be accepted for processing. + NotBefore *string `json:"notBefore,omitempty" tf:"not_before,omitempty"` + + // (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) + // Permissions policy. Multiple policy blocks can be defined. + Policy []PolicyObservation `json:"policy,omitempty" tf:"policy,omitempty"` + + // (String) Status *string `json:"status,omitempty" tf:"status,omitempty"` } type APITokenParameters struct { + // (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) // Conditions under which the token should be considered valid. // +kubebuilder:validation:Optional Condition []ConditionParameters `json:"condition,omitempty" tf:"condition,omitempty"` + // (String) The expiration time on or after which the token MUST NOT be accepted for processing. // The expiration time on or after which the token MUST NOT be accepted for processing. // +kubebuilder:validation:Optional ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` + // (String) Name of the API Token. // Name of the API Token. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The time before which the token MUST NOT be accepted for processing. // The time before which the token MUST NOT be accepted for processing. // +kubebuilder:validation:Optional NotBefore *string `json:"notBefore,omitempty" tf:"not_before,omitempty"` + // (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) // Permissions policy. Multiple policy blocks can be defined. - // +kubebuilder:validation:Required - Policy []PolicyParameters `json:"policy" tf:"policy,omitempty"` + // +kubebuilder:validation:Optional + Policy []PolicyParameters `json:"policy,omitempty" tf:"policy,omitempty"` +} + +type ConditionInitParameters struct { + + // (Block List, Max: 1) Request IP related conditions. (see below for nested schema) + // Request IP related conditions. + RequestIP []RequestIPInitParameters `json:"requestIp,omitempty" tf:"request_ip,omitempty"` } type ConditionObservation struct { + + // (Block List, Max: 1) Request IP related conditions. (see below for nested schema) + // Request IP related conditions. + RequestIP []RequestIPObservation `json:"requestIp,omitempty" tf:"request_ip,omitempty"` } type ConditionParameters struct { + // (Block List, Max: 1) Request IP related conditions. (see below for nested schema) // Request IP related conditions. // +kubebuilder:validation:Optional RequestIP []RequestIPParameters `json:"requestIp,omitempty" tf:"request_ip,omitempty"` } +type PolicyInitParameters struct { + + // (String) Effect of the policy. Available values: allow, deny. Defaults to allow. + // Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. + Effect *string `json:"effect,omitempty" tf:"effect,omitempty"` + + // (Set of String) List of permissions groups IDs. See documentation for more information. + // List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. + // +listType=set + PermissionGroups []*string `json:"permissionGroups,omitempty" tf:"permission_groups,omitempty"` + + // (Map of String) Describes what operations against which resources are allowed or denied. + // Describes what operations against which resources are allowed or denied. + // +mapType=granular + Resources map[string]*string `json:"resources,omitempty" tf:"resources,omitempty"` +} + type PolicyObservation struct { + + // (String) Effect of the policy. Available values: allow, deny. Defaults to allow. + // Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. + Effect *string `json:"effect,omitempty" tf:"effect,omitempty"` + + // (Set of String) List of permissions groups IDs. See documentation for more information. + // List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. + // +listType=set + PermissionGroups []*string `json:"permissionGroups,omitempty" tf:"permission_groups,omitempty"` + + // (Map of String) Describes what operations against which resources are allowed or denied. + // Describes what operations against which resources are allowed or denied. + // +mapType=granular + Resources map[string]*string `json:"resources,omitempty" tf:"resources,omitempty"` } type PolicyParameters struct { + // (String) Effect of the policy. Available values: allow, deny. Defaults to allow. // Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. // +kubebuilder:validation:Optional Effect *string `json:"effect,omitempty" tf:"effect,omitempty"` + // (Set of String) List of permissions groups IDs. See documentation for more information. // List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional + // +listType=set PermissionGroups []*string `json:"permissionGroups" tf:"permission_groups,omitempty"` + // (Map of String) Describes what operations against which resources are allowed or denied. // Describes what operations against which resources are allowed or denied. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional + // +mapType=granular Resources map[string]*string `json:"resources" tf:"resources,omitempty"` } +type RequestIPInitParameters struct { + + // (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + // List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + // +listType=set + In []*string `json:"in,omitempty" tf:"in,omitempty"` + + // (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + // List of IP addresses or CIDR notation where the token should not be used from. + // +listType=set + NotIn []*string `json:"notIn,omitempty" tf:"not_in,omitempty"` +} + type RequestIPObservation struct { + + // (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + // List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + // +listType=set + In []*string `json:"in,omitempty" tf:"in,omitempty"` + + // (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + // List of IP addresses or CIDR notation where the token should not be used from. + // +listType=set + NotIn []*string `json:"notIn,omitempty" tf:"not_in,omitempty"` } type RequestIPParameters struct { + // (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. // List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. // +kubebuilder:validation:Optional + // +listType=set In []*string `json:"in,omitempty" tf:"in,omitempty"` + // (Set of String) List of IP addresses or CIDR notation where the token should not be used from. // List of IP addresses or CIDR notation where the token should not be used from. // +kubebuilder:validation:Optional + // +listType=set NotIn []*string `json:"notIn,omitempty" tf:"not_in,omitempty"` } @@ -94,6 +226,17 @@ type RequestIPParameters struct { type APITokenSpec struct { v1.ResourceSpec `json:",inline"` ForProvider APITokenParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider APITokenInitParameters `json:"initProvider,omitempty"` } // APITokenStatus defines the observed state of APIToken. @@ -103,19 +246,22 @@ type APITokenStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// APIToken is the Schema for the APITokens API. +// APIToken is the Schema for the APITokens API. Provides a resource which manages Cloudflare API tokens. Read more about permission groups and their applicable scopes in the developer documentation https://developers.cloudflare.com/api/tokens/create/permissions. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type APIToken struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec APITokenSpec `json:"spec"` - Status APITokenStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.policy) || (has(self.initProvider) && has(self.initProvider.policy))",message="spec.forProvider.policy is a required parameter" + Spec APITokenSpec `json:"spec"` + Status APITokenStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/account/v1alpha1/zz_generated.conversion_hubs.go b/apis/account/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..4260017 --- /dev/null +++ b/apis/account/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Account) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Member) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *APIToken) Hub() {} diff --git a/apis/account/v1alpha1/zz_generated.deepcopy.go b/apis/account/v1alpha1/zz_generated.deepcopy.go index f317b50..9802734 100644 --- a/apis/account/v1alpha1/zz_generated.deepcopy.go +++ b/apis/account/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,50 @@ func (in *APIToken) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APITokenInitParameters) DeepCopyInto(out *APITokenInitParameters) { + *out = *in + if in.Condition != nil { + in, out := &in.Condition, &out.Condition + *out = make([]ConditionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExpiresOn != nil { + in, out := &in.ExpiresOn, &out.ExpiresOn + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NotBefore != nil { + in, out := &in.NotBefore, &out.NotBefore + *out = new(string) + **out = **in + } + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = make([]PolicyInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APITokenInitParameters. +func (in *APITokenInitParameters) DeepCopy() *APITokenInitParameters { + if in == nil { + return nil + } + out := new(APITokenInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APITokenList) DeepCopyInto(out *APITokenList) { *out = *in @@ -76,6 +119,18 @@ func (in *APITokenList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APITokenObservation) DeepCopyInto(out *APITokenObservation) { *out = *in + if in.Condition != nil { + in, out := &in.Condition, &out.Condition + *out = make([]ConditionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExpiresOn != nil { + in, out := &in.ExpiresOn, &out.ExpiresOn + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -91,6 +146,23 @@ func (in *APITokenObservation) DeepCopyInto(out *APITokenObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NotBefore != nil { + in, out := &in.NotBefore, &out.NotBefore + *out = new(string) + **out = **in + } + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = make([]PolicyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) @@ -157,6 +229,7 @@ func (in *APITokenSpec) DeepCopyInto(out *APITokenSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APITokenSpec. @@ -213,6 +286,36 @@ func (in *Account) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccountInitParameters) DeepCopyInto(out *AccountInitParameters) { + *out = *in + if in.EnforceTwofactor != nil { + in, out := &in.EnforceTwofactor, &out.EnforceTwofactor + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountInitParameters. +func (in *AccountInitParameters) DeepCopy() *AccountInitParameters { + if in == nil { + return nil + } + out := new(AccountInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccountList) DeepCopyInto(out *AccountList) { *out = *in @@ -248,11 +351,26 @@ func (in *AccountList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccountObservation) DeepCopyInto(out *AccountObservation) { *out = *in + if in.EnforceTwofactor != nil { + in, out := &in.EnforceTwofactor, &out.EnforceTwofactor + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountObservation. @@ -300,6 +418,7 @@ func (in *AccountSpec) DeepCopyInto(out *AccountSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountSpec. @@ -329,9 +448,38 @@ func (in *AccountStatus) DeepCopy() *AccountStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConditionInitParameters) DeepCopyInto(out *ConditionInitParameters) { + *out = *in + if in.RequestIP != nil { + in, out := &in.RequestIP, &out.RequestIP + *out = make([]RequestIPInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionInitParameters. +func (in *ConditionInitParameters) DeepCopy() *ConditionInitParameters { + if in == nil { + return nil + } + out := new(ConditionInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConditionObservation) DeepCopyInto(out *ConditionObservation) { *out = *in + if in.RequestIP != nil { + in, out := &in.RequestIP, &out.RequestIP + *out = make([]RequestIPObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionObservation. @@ -393,6 +541,57 @@ func (in *Member) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemberInitParameters) DeepCopyInto(out *MemberInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.EmailAddress != nil { + in, out := &in.EmailAddress, &out.EmailAddress + *out = new(string) + **out = **in + } + if in.RoleIds != nil { + in, out := &in.RoleIds, &out.RoleIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberInitParameters. +func (in *MemberInitParameters) DeepCopy() *MemberInitParameters { + if in == nil { + return nil + } + out := new(MemberInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MemberList) DeepCopyInto(out *MemberList) { *out = *in @@ -428,11 +627,37 @@ func (in *MemberList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MemberObservation) DeepCopyInto(out *MemberObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.EmailAddress != nil { + in, out := &in.EmailAddress, &out.EmailAddress + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.RoleIds != nil { + in, out := &in.RoleIds, &out.RoleIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberObservation. @@ -501,6 +726,7 @@ func (in *MemberSpec) DeepCopyInto(out *MemberSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberSpec. @@ -530,9 +756,88 @@ func (in *MemberStatus) DeepCopy() *MemberStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyInitParameters) DeepCopyInto(out *PolicyInitParameters) { + *out = *in + if in.Effect != nil { + in, out := &in.Effect, &out.Effect + *out = new(string) + **out = **in + } + if in.PermissionGroups != nil { + in, out := &in.PermissionGroups, &out.PermissionGroups + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyInitParameters. +func (in *PolicyInitParameters) DeepCopy() *PolicyInitParameters { + if in == nil { + return nil + } + out := new(PolicyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation) { *out = *in + if in.Effect != nil { + in, out := &in.Effect, &out.Effect + *out = new(string) + **out = **in + } + if in.PermissionGroups != nil { + in, out := &in.PermissionGroups, &out.PermissionGroups + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyObservation. @@ -572,7 +877,8 @@ func (in *PolicyParameters) DeepCopyInto(out *PolicyParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -591,9 +897,68 @@ func (in *PolicyParameters) DeepCopy() *PolicyParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequestIPInitParameters) DeepCopyInto(out *RequestIPInitParameters) { + *out = *in + if in.In != nil { + in, out := &in.In, &out.In + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.NotIn != nil { + in, out := &in.NotIn, &out.NotIn + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestIPInitParameters. +func (in *RequestIPInitParameters) DeepCopy() *RequestIPInitParameters { + if in == nil { + return nil + } + out := new(RequestIPInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RequestIPObservation) DeepCopyInto(out *RequestIPObservation) { *out = *in + if in.In != nil { + in, out := &in.In, &out.In + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.NotIn != nil { + in, out := &in.NotIn, &out.NotIn + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestIPObservation. diff --git a/apis/account/v1alpha1/zz_generated.managed.go b/apis/account/v1alpha1/zz_generated.managed.go index 02241b7..b279f3d 100644 --- a/apis/account/v1alpha1/zz_generated.managed.go +++ b/apis/account/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *APIToken) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this APIToken. +func (mg *APIToken) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this APIToken. func (mg *APIToken) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this APIToken. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *APIToken) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this APIToken. func (mg *APIToken) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *APIToken) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this APIToken. +func (mg *APIToken) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this APIToken. func (mg *APIToken) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this APIToken. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *APIToken) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this APIToken. func (mg *APIToken) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Account) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Account. +func (mg *Account) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Account. func (mg *Account) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Account. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Account) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Account. func (mg *Account) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Account) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Account. +func (mg *Account) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Account. func (mg *Account) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Account. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Account) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Account. func (mg *Account) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Member) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Member. +func (mg *Member) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Member. func (mg *Member) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Member. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Member) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Member. func (mg *Member) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Member) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Member. +func (mg *Member) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Member. func (mg *Member) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Member. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Member) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Member. func (mg *Member) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/account/v1alpha1/zz_generated.resolvers.go b/apis/account/v1alpha1/zz_generated.resolvers.go index 815b183..1111c1d 100644 --- a/apis/account/v1alpha1/zz_generated.resolvers.go +++ b/apis/account/v1alpha1/zz_generated.resolvers.go @@ -35,5 +35,21 @@ func (mg *Member) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &AccountList{}, + Managed: &Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/account/v1alpha1/zz_generated_terraformed.go b/apis/account/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index a0f023d..0000000 --- a/apis/account/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,236 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Account -func (mg *Account) GetTerraformResourceType() string { - return "cloudflare_account" -} - -// GetConnectionDetailsMapping for this Account -func (tr *Account) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Account -func (tr *Account) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Account -func (tr *Account) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Account -func (tr *Account) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Account -func (tr *Account) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Account -func (tr *Account) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Account using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Account) LateInitialize(attrs []byte) (bool, error) { - params := &AccountParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Account) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Member -func (mg *Member) GetTerraformResourceType() string { - return "cloudflare_account_member" -} - -// GetConnectionDetailsMapping for this Member -func (tr *Member) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Member -func (tr *Member) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Member -func (tr *Member) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Member -func (tr *Member) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Member -func (tr *Member) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Member -func (tr *Member) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Member using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Member) LateInitialize(attrs []byte) (bool, error) { - params := &MemberParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Member) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this APIToken -func (mg *APIToken) GetTerraformResourceType() string { - return "cloudflare_api_token" -} - -// GetConnectionDetailsMapping for this APIToken -func (tr *APIToken) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"value": "status.atProvider.value"} -} - -// GetObservation of this APIToken -func (tr *APIToken) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this APIToken -func (tr *APIToken) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this APIToken -func (tr *APIToken) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this APIToken -func (tr *APIToken) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this APIToken -func (tr *APIToken) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this APIToken using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *APIToken) LateInitialize(attrs []byte) (bool, error) { - params := &APITokenParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *APIToken) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/account/v1alpha1/zz_groupversion_info.go b/apis/account/v1alpha1/zz_groupversion_info.go index 044c7c7..3354ab3 100755 --- a/apis/account/v1alpha1/zz_groupversion_info.go +++ b/apis/account/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/account/v1alpha1/zz_member_terraformed.go b/apis/account/v1alpha1/zz_member_terraformed.go new file mode 100755 index 0000000..8715ad7 --- /dev/null +++ b/apis/account/v1alpha1/zz_member_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Member +func (mg *Member) GetTerraformResourceType() string { + return "cloudflare_account_member" +} + +// GetConnectionDetailsMapping for this Member +func (tr *Member) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Member +func (tr *Member) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Member +func (tr *Member) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Member +func (tr *Member) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Member +func (tr *Member) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Member +func (tr *Member) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Member +func (tr *Member) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Member +func (tr *Member) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Member using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Member) LateInitialize(attrs []byte) (bool, error) { + params := &MemberParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Member) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/account/v1alpha1/zz_member_types.go b/apis/account/v1alpha1/zz_member_types.go index 6209077..bdbc207 100755 --- a/apis/account/v1alpha1/zz_member_types.go +++ b/apis/account/v1alpha1/zz_member_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type MemberInitParameters struct { + + // (String) Account ID to create the account member in. + // Account ID to create the account member in. + // +crossplane:generate:reference:type=Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + // The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + EmailAddress *string `json:"emailAddress,omitempty" tf:"email_address,omitempty"` + + // (Set of String) List of account role IDs that you want to assign to a member. + // List of account role IDs that you want to assign to a member. + // +listType=set + RoleIds []*string `json:"roleIds,omitempty" tf:"role_ids,omitempty"` + + // (String) A member's status in the account. Available values: accepted, pending. + // A member's status in the account. Available values: `accepted`, `pending`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type MemberObservation struct { + + // (String) Account ID to create the account member in. + // Account ID to create the account member in. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + // The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + EmailAddress *string `json:"emailAddress,omitempty" tf:"email_address,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Set of String) List of account role IDs that you want to assign to a member. + // List of account role IDs that you want to assign to a member. + // +listType=set + RoleIds []*string `json:"roleIds,omitempty" tf:"role_ids,omitempty"` + + // (String) A member's status in the account. Available values: accepted, pending. + // A member's status in the account. Available values: `accepted`, `pending`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` } type MemberParameters struct { + // (String) Account ID to create the account member in. // Account ID to create the account member in. // +crossplane:generate:reference:type=Account // +kubebuilder:validation:Optional @@ -32,14 +85,18 @@ type MemberParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. // The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. - // +kubebuilder:validation:Required - EmailAddress *string `json:"emailAddress" tf:"email_address,omitempty"` + // +kubebuilder:validation:Optional + EmailAddress *string `json:"emailAddress,omitempty" tf:"email_address,omitempty"` + // (Set of String) List of account role IDs that you want to assign to a member. // List of account role IDs that you want to assign to a member. - // +kubebuilder:validation:Required - RoleIds []*string `json:"roleIds" tf:"role_ids,omitempty"` + // +kubebuilder:validation:Optional + // +listType=set + RoleIds []*string `json:"roleIds,omitempty" tf:"role_ids,omitempty"` + // (String) A member's status in the account. Available values: accepted, pending. // A member's status in the account. Available values: `accepted`, `pending`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` @@ -49,6 +106,17 @@ type MemberParameters struct { type MemberSpec struct { v1.ResourceSpec `json:",inline"` ForProvider MemberParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider MemberInitParameters `json:"initProvider,omitempty"` } // MemberStatus defines the observed state of Member. @@ -58,19 +126,22 @@ type MemberStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Member is the Schema for the Members API. +// Member is the Schema for the Members API. Provides a resource which manages Cloudflare account members. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Member struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec MemberSpec `json:"spec"` - Status MemberStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.emailAddress) || (has(self.initProvider) && has(self.initProvider.emailAddress))",message="spec.forProvider.emailAddress is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.roleIds) || (has(self.initProvider) && has(self.initProvider.roleIds))",message="spec.forProvider.roleIds is a required parameter" + Spec MemberSpec `json:"spec"` + Status MemberStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/apishield/v1alpha1/zz_generated_terraformed.go b/apis/apishield/v1alpha1/zz_apishield_terraformed.go similarity index 60% rename from apis/apishield/v1alpha1/zz_generated_terraformed.go rename to apis/apishield/v1alpha1/zz_apishield_terraformed.go index f9dd83b..5020660 100755 --- a/apis/apishield/v1alpha1/zz_generated_terraformed.go +++ b/apis/apishield/v1alpha1/zz_apishield_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this APIShield @@ -69,6 +74,46 @@ func (tr *APIShield) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this APIShield +func (tr *APIShield) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this APIShield +func (tr *APIShield) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this APIShield using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *APIShield) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/apishield/v1alpha1/zz_apishield_types.go b/apis/apishield/v1alpha1/zz_apishield_types.go index 5e7a949..54b6450 100755 --- a/apis/apishield/v1alpha1/zz_apishield_types.go +++ b/apis/apishield/v1alpha1/zz_apishield_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,16 +17,48 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type APIShieldInitParameters struct { + + // ids can be computed in a privacy-preserving manner. (see below for nested schema) + // Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. + AuthIDCharacteristics []AuthIDCharacteristicsInitParameters `json:"authIdCharacteristics,omitempty" tf:"auth_id_characteristics,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type APIShieldObservation struct { + + // ids can be computed in a privacy-preserving manner. (see below for nested schema) + // Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. + AuthIDCharacteristics []AuthIDCharacteristicsObservation `json:"authIdCharacteristics,omitempty" tf:"auth_id_characteristics,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type APIShieldParameters struct { + // ids can be computed in a privacy-preserving manner. (see below for nested schema) // Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. // +kubebuilder:validation:Optional AuthIDCharacteristics []AuthIDCharacteristicsParameters `json:"authIdCharacteristics,omitempty" tf:"auth_id_characteristics,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -37,15 +73,36 @@ type APIShieldParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type AuthIDCharacteristicsInitParameters struct { + + // (String) The name of the characteristic. + // The name of the characteristic. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The type of characteristic. Available values: header, cookie. + // The type of characteristic. Available values: `header`, `cookie`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type AuthIDCharacteristicsObservation struct { + + // (String) The name of the characteristic. + // The name of the characteristic. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The type of characteristic. Available values: header, cookie. + // The type of characteristic. Available values: `header`, `cookie`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type AuthIDCharacteristicsParameters struct { + // (String) The name of the characteristic. // The name of the characteristic. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The type of characteristic. Available values: header, cookie. // The type of characteristic. Available values: `header`, `cookie`. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` @@ -55,6 +112,17 @@ type AuthIDCharacteristicsParameters struct { type APIShieldSpec struct { v1.ResourceSpec `json:",inline"` ForProvider APIShieldParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider APIShieldInitParameters `json:"initProvider,omitempty"` } // APIShieldStatus defines the observed state of APIShield. @@ -64,13 +132,14 @@ type APIShieldStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// APIShield is the Schema for the APIShields API. +// APIShield is the Schema for the APIShields API. Provides a resource to manage API Shield configurations. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type APIShield struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/apishield/v1alpha1/zz_generated.conversion_hubs.go b/apis/apishield/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..4497188 --- /dev/null +++ b/apis/apishield/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *APIShield) Hub() {} diff --git a/apis/apishield/v1alpha1/zz_generated.deepcopy.go b/apis/apishield/v1alpha1/zz_generated.deepcopy.go index 3fea33a..6b6e777 100644 --- a/apis/apishield/v1alpha1/zz_generated.deepcopy.go +++ b/apis/apishield/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,43 @@ func (in *APIShield) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIShieldInitParameters) DeepCopyInto(out *APIShieldInitParameters) { + *out = *in + if in.AuthIDCharacteristics != nil { + in, out := &in.AuthIDCharacteristics, &out.AuthIDCharacteristics + *out = make([]AuthIDCharacteristicsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIShieldInitParameters. +func (in *APIShieldInitParameters) DeepCopy() *APIShieldInitParameters { + if in == nil { + return nil + } + out := new(APIShieldInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIShieldList) DeepCopyInto(out *APIShieldList) { *out = *in @@ -76,11 +112,23 @@ func (in *APIShieldList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIShieldObservation) DeepCopyInto(out *APIShieldObservation) { *out = *in + if in.AuthIDCharacteristics != nil { + in, out := &in.AuthIDCharacteristics, &out.AuthIDCharacteristics + *out = make([]AuthIDCharacteristicsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIShieldObservation. @@ -135,6 +183,7 @@ func (in *APIShieldSpec) DeepCopyInto(out *APIShieldSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIShieldSpec. @@ -164,9 +213,44 @@ func (in *APIShieldStatus) DeepCopy() *APIShieldStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthIDCharacteristicsInitParameters) DeepCopyInto(out *AuthIDCharacteristicsInitParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthIDCharacteristicsInitParameters. +func (in *AuthIDCharacteristicsInitParameters) DeepCopy() *AuthIDCharacteristicsInitParameters { + if in == nil { + return nil + } + out := new(AuthIDCharacteristicsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthIDCharacteristicsObservation) DeepCopyInto(out *AuthIDCharacteristicsObservation) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthIDCharacteristicsObservation. diff --git a/apis/apishield/v1alpha1/zz_generated.managed.go b/apis/apishield/v1alpha1/zz_generated.managed.go index 71a5d0f..86d0dec 100644 --- a/apis/apishield/v1alpha1/zz_generated.managed.go +++ b/apis/apishield/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *APIShield) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this APIShield. +func (mg *APIShield) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this APIShield. func (mg *APIShield) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this APIShield. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *APIShield) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this APIShield. func (mg *APIShield) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *APIShield) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this APIShield. +func (mg *APIShield) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this APIShield. func (mg *APIShield) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this APIShield. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *APIShield) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this APIShield. func (mg *APIShield) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/apishield/v1alpha1/zz_generated.resolvers.go b/apis/apishield/v1alpha1/zz_generated.resolvers.go index f1c3a02..baf8670 100644 --- a/apis/apishield/v1alpha1/zz_generated.resolvers.go +++ b/apis/apishield/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *APIShield) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/apishield/v1alpha1/zz_groupversion_info.go b/apis/apishield/v1alpha1/zz_groupversion_info.go index ef343b3..e182a92 100755 --- a/apis/apishield/v1alpha1/zz_groupversion_info.go +++ b/apis/apishield/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/argo/v1alpha1/zz_argo_terraformed.go b/apis/argo/v1alpha1/zz_argo_terraformed.go new file mode 100755 index 0000000..857de8d --- /dev/null +++ b/apis/argo/v1alpha1/zz_argo_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Argo +func (mg *Argo) GetTerraformResourceType() string { + return "cloudflare_argo" +} + +// GetConnectionDetailsMapping for this Argo +func (tr *Argo) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Argo +func (tr *Argo) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Argo +func (tr *Argo) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Argo +func (tr *Argo) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Argo +func (tr *Argo) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Argo +func (tr *Argo) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Argo +func (tr *Argo) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Argo +func (tr *Argo) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Argo using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Argo) LateInitialize(attrs []byte) (bool, error) { + params := &ArgoParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Argo) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/argo/v1alpha1/zz_argo_types.go b/apis/argo/v1alpha1/zz_argo_types.go index 611bfc2..f70a5ba 100755 --- a/apis/argo/v1alpha1/zz_argo_types.go +++ b/apis/argo/v1alpha1/zz_argo_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ArgoInitParameters struct { + + // (String) Whether smart routing is enabled. Available values: on, off. + // Whether smart routing is enabled. Available values: `on`, `off`. + SmartRouting *string `json:"smartRouting,omitempty" tf:"smart_routing,omitempty"` + + // (String) Whether tiered caching is enabled. Available values: on, off. + // Whether tiered caching is enabled. Available values: `on`, `off`. + TieredCaching *string `json:"tieredCaching,omitempty" tf:"tiered_caching,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type ArgoObservation struct { + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Whether smart routing is enabled. Available values: on, off. + // Whether smart routing is enabled. Available values: `on`, `off`. + SmartRouting *string `json:"smartRouting,omitempty" tf:"smart_routing,omitempty"` + + // (String) Whether tiered caching is enabled. Available values: on, off. + // Whether tiered caching is enabled. Available values: `on`, `off`. + TieredCaching *string `json:"tieredCaching,omitempty" tf:"tiered_caching,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type ArgoParameters struct { + // (String) Whether smart routing is enabled. Available values: on, off. // Whether smart routing is enabled. Available values: `on`, `off`. // +kubebuilder:validation:Optional SmartRouting *string `json:"smartRouting,omitempty" tf:"smart_routing,omitempty"` + // (String) Whether tiered caching is enabled. Available values: on, off. // Whether tiered caching is enabled. Available values: `on`, `off`. // +kubebuilder:validation:Optional TieredCaching *string `json:"tieredCaching,omitempty" tf:"tiered_caching,omitempty"` + // (String) The zone identifier to target for the resource. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -45,6 +90,17 @@ type ArgoParameters struct { type ArgoSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ArgoParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ArgoInitParameters `json:"initProvider,omitempty"` } // ArgoStatus defines the observed state of Argo. @@ -54,13 +110,14 @@ type ArgoStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Argo is the Schema for the Argos API. +// Argo is the Schema for the Argos API. Cloudflare Argo controls the routing to your origin and tiered caching options to speed up your website browsing experience. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Argo struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/argo/v1alpha1/zz_generated.conversion_hubs.go b/apis/argo/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..2f4424c --- /dev/null +++ b/apis/argo/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,26 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Argo) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Tunnel) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *TunnelConfig) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *TunnelRoute) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *TunnelVirtualNetwork) Hub() {} diff --git a/apis/argo/v1alpha1/zz_generated.deepcopy.go b/apis/argo/v1alpha1/zz_generated.deepcopy.go index 32b999a..de3caec 100644 --- a/apis/argo/v1alpha1/zz_generated.deepcopy.go +++ b/apis/argo/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,46 @@ func (in *Argo) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ArgoInitParameters) DeepCopyInto(out *ArgoInitParameters) { + *out = *in + if in.SmartRouting != nil { + in, out := &in.SmartRouting, &out.SmartRouting + *out = new(string) + **out = **in + } + if in.TieredCaching != nil { + in, out := &in.TieredCaching, &out.TieredCaching + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArgoInitParameters. +func (in *ArgoInitParameters) DeepCopy() *ArgoInitParameters { + if in == nil { + return nil + } + out := new(ArgoInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ArgoList) DeepCopyInto(out *ArgoList) { *out = *in @@ -81,6 +120,21 @@ func (in *ArgoObservation) DeepCopyInto(out *ArgoObservation) { *out = new(string) **out = **in } + if in.SmartRouting != nil { + in, out := &in.SmartRouting, &out.SmartRouting + *out = new(string) + **out = **in + } + if in.TieredCaching != nil { + in, out := &in.TieredCaching, &out.TieredCaching + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArgoObservation. @@ -138,6 +192,7 @@ func (in *ArgoSpec) DeepCopyInto(out *ArgoSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArgoSpec. @@ -167,9 +222,66 @@ func (in *ArgoStatus) DeepCopy() *ArgoStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigInitParameters) DeepCopyInto(out *ConfigInitParameters) { + *out = *in + if in.IngressRule != nil { + in, out := &in.IngressRule, &out.IngressRule + *out = make([]IngressRuleInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginRequest != nil { + in, out := &in.OriginRequest, &out.OriginRequest + *out = make([]OriginRequestInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WarpRouting != nil { + in, out := &in.WarpRouting, &out.WarpRouting + *out = make([]WarpRoutingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigInitParameters. +func (in *ConfigInitParameters) DeepCopy() *ConfigInitParameters { + if in == nil { + return nil + } + out := new(ConfigInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConfigObservation) DeepCopyInto(out *ConfigObservation) { *out = *in + if in.IngressRule != nil { + in, out := &in.IngressRule, &out.IngressRule + *out = make([]IngressRuleObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginRequest != nil { + in, out := &in.OriginRequest, &out.OriginRequest + *out = make([]OriginRequestObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WarpRouting != nil { + in, out := &in.WarpRouting, &out.WarpRouting + *out = make([]WarpRoutingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigObservation. @@ -218,9 +330,66 @@ func (in *ConfigParameters) DeepCopy() *ConfigParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPRulesInitParameters) DeepCopyInto(out *IPRulesInitParameters) { + *out = *in + if in.Allow != nil { + in, out := &in.Allow, &out.Allow + *out = new(bool) + **out = **in + } + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]*float64, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(float64) + **out = **in + } + } + } + if in.Prefix != nil { + in, out := &in.Prefix, &out.Prefix + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPRulesInitParameters. +func (in *IPRulesInitParameters) DeepCopy() *IPRulesInitParameters { + if in == nil { + return nil + } + out := new(IPRulesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPRulesObservation) DeepCopyInto(out *IPRulesObservation) { *out = *in + if in.Allow != nil { + in, out := &in.Allow, &out.Allow + *out = new(bool) + **out = **in + } + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]*float64, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(float64) + **out = **in + } + } + } + if in.Prefix != nil { + in, out := &in.Prefix, &out.Prefix + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPRulesObservation. @@ -269,9 +438,54 @@ func (in *IPRulesParameters) DeepCopy() *IPRulesParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRuleInitParameters) DeepCopyInto(out *IngressRuleInitParameters) { + *out = *in + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleInitParameters. +func (in *IngressRuleInitParameters) DeepCopy() *IngressRuleInitParameters { + if in == nil { + return nil + } + out := new(IngressRuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IngressRuleObservation) DeepCopyInto(out *IngressRuleObservation) { *out = *in + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleObservation. @@ -314,9 +528,188 @@ func (in *IngressRuleParameters) DeepCopy() *IngressRuleParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginRequestInitParameters) DeepCopyInto(out *OriginRequestInitParameters) { + *out = *in + if in.BastionMode != nil { + in, out := &in.BastionMode, &out.BastionMode + *out = new(bool) + **out = **in + } + if in.CAPool != nil { + in, out := &in.CAPool, &out.CAPool + *out = new(string) + **out = **in + } + if in.ConnectTimeout != nil { + in, out := &in.ConnectTimeout, &out.ConnectTimeout + *out = new(string) + **out = **in + } + if in.DisableChunkedEncoding != nil { + in, out := &in.DisableChunkedEncoding, &out.DisableChunkedEncoding + *out = new(bool) + **out = **in + } + if in.HTTPHostHeader != nil { + in, out := &in.HTTPHostHeader, &out.HTTPHostHeader + *out = new(string) + **out = **in + } + if in.IPRules != nil { + in, out := &in.IPRules, &out.IPRules + *out = make([]IPRulesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.KeepAliveConnections != nil { + in, out := &in.KeepAliveConnections, &out.KeepAliveConnections + *out = new(float64) + **out = **in + } + if in.KeepAliveTimeout != nil { + in, out := &in.KeepAliveTimeout, &out.KeepAliveTimeout + *out = new(string) + **out = **in + } + if in.NoHappyEyeballs != nil { + in, out := &in.NoHappyEyeballs, &out.NoHappyEyeballs + *out = new(bool) + **out = **in + } + if in.NoTLSVerify != nil { + in, out := &in.NoTLSVerify, &out.NoTLSVerify + *out = new(bool) + **out = **in + } + if in.OriginServerName != nil { + in, out := &in.OriginServerName, &out.OriginServerName + *out = new(string) + **out = **in + } + if in.ProxyAddress != nil { + in, out := &in.ProxyAddress, &out.ProxyAddress + *out = new(string) + **out = **in + } + if in.ProxyPort != nil { + in, out := &in.ProxyPort, &out.ProxyPort + *out = new(float64) + **out = **in + } + if in.ProxyType != nil { + in, out := &in.ProxyType, &out.ProxyType + *out = new(string) + **out = **in + } + if in.TCPKeepAlive != nil { + in, out := &in.TCPKeepAlive, &out.TCPKeepAlive + *out = new(string) + **out = **in + } + if in.TLSTimeout != nil { + in, out := &in.TLSTimeout, &out.TLSTimeout + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginRequestInitParameters. +func (in *OriginRequestInitParameters) DeepCopy() *OriginRequestInitParameters { + if in == nil { + return nil + } + out := new(OriginRequestInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OriginRequestObservation) DeepCopyInto(out *OriginRequestObservation) { *out = *in + if in.BastionMode != nil { + in, out := &in.BastionMode, &out.BastionMode + *out = new(bool) + **out = **in + } + if in.CAPool != nil { + in, out := &in.CAPool, &out.CAPool + *out = new(string) + **out = **in + } + if in.ConnectTimeout != nil { + in, out := &in.ConnectTimeout, &out.ConnectTimeout + *out = new(string) + **out = **in + } + if in.DisableChunkedEncoding != nil { + in, out := &in.DisableChunkedEncoding, &out.DisableChunkedEncoding + *out = new(bool) + **out = **in + } + if in.HTTPHostHeader != nil { + in, out := &in.HTTPHostHeader, &out.HTTPHostHeader + *out = new(string) + **out = **in + } + if in.IPRules != nil { + in, out := &in.IPRules, &out.IPRules + *out = make([]IPRulesObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.KeepAliveConnections != nil { + in, out := &in.KeepAliveConnections, &out.KeepAliveConnections + *out = new(float64) + **out = **in + } + if in.KeepAliveTimeout != nil { + in, out := &in.KeepAliveTimeout, &out.KeepAliveTimeout + *out = new(string) + **out = **in + } + if in.NoHappyEyeballs != nil { + in, out := &in.NoHappyEyeballs, &out.NoHappyEyeballs + *out = new(bool) + **out = **in + } + if in.NoTLSVerify != nil { + in, out := &in.NoTLSVerify, &out.NoTLSVerify + *out = new(bool) + **out = **in + } + if in.OriginServerName != nil { + in, out := &in.OriginServerName, &out.OriginServerName + *out = new(string) + **out = **in + } + if in.ProxyAddress != nil { + in, out := &in.ProxyAddress, &out.ProxyAddress + *out = new(string) + **out = **in + } + if in.ProxyPort != nil { + in, out := &in.ProxyPort, &out.ProxyPort + *out = new(float64) + **out = **in + } + if in.ProxyType != nil { + in, out := &in.ProxyType, &out.ProxyType + *out = new(string) + **out = **in + } + if in.TCPKeepAlive != nil { + in, out := &in.TCPKeepAlive, &out.TCPKeepAlive + *out = new(string) + **out = **in + } + if in.TLSTimeout != nil { + in, out := &in.TLSTimeout, &out.TLSTimeout + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginRequestObservation. @@ -450,36 +843,88 @@ func (in *Tunnel) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TunnelConfig) DeepCopyInto(out *TunnelConfig) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelConfig) DeepCopyInto(out *TunnelConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelConfig. +func (in *TunnelConfig) DeepCopy() *TunnelConfig { + if in == nil { + return nil + } + out := new(TunnelConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TunnelConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelConfigInitParameters) DeepCopyInto(out *TunnelConfigInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TunnelID != nil { + in, out := &in.TunnelID, &out.TunnelID + *out = new(string) + **out = **in + } + if in.TunnelIDRef != nil { + in, out := &in.TunnelIDRef, &out.TunnelIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.TunnelIDSelector != nil { + in, out := &in.TunnelIDSelector, &out.TunnelIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelConfig. -func (in *TunnelConfig) DeepCopy() *TunnelConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelConfigInitParameters. +func (in *TunnelConfigInitParameters) DeepCopy() *TunnelConfigInitParameters { if in == nil { return nil } - out := new(TunnelConfig) + out := new(TunnelConfigInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TunnelConfig) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelConfigList) DeepCopyInto(out *TunnelConfigList) { *out = *in @@ -515,11 +960,28 @@ func (in *TunnelConfigList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelConfigObservation) DeepCopyInto(out *TunnelConfigObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.TunnelID != nil { + in, out := &in.TunnelID, &out.TunnelID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelConfigObservation. @@ -589,6 +1051,7 @@ func (in *TunnelConfigSpec) DeepCopyInto(out *TunnelConfigSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelConfigSpec. @@ -618,6 +1081,41 @@ func (in *TunnelConfigStatus) DeepCopy() *TunnelConfigStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelInitParameters) DeepCopyInto(out *TunnelInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelInitParameters. +func (in *TunnelInitParameters) DeepCopy() *TunnelInitParameters { + if in == nil { + return nil + } + out := new(TunnelInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelList) DeepCopyInto(out *TunnelList) { *out = *in @@ -653,6 +1151,11 @@ func (in *TunnelList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelObservation) DeepCopyInto(out *TunnelObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.Cname != nil { in, out := &in.Cname, &out.Cname *out = new(string) @@ -663,6 +1166,11 @@ func (in *TunnelObservation) DeepCopyInto(out *TunnelObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.TunnelToken != nil { in, out := &in.TunnelToken, &out.TunnelToken *out = new(string) @@ -743,6 +1251,76 @@ func (in *TunnelRoute) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelRouteInitParameters) DeepCopyInto(out *TunnelRouteInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = new(string) + **out = **in + } + if in.TunnelID != nil { + in, out := &in.TunnelID, &out.TunnelID + *out = new(string) + **out = **in + } + if in.TunnelIDRef != nil { + in, out := &in.TunnelIDRef, &out.TunnelIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.TunnelIDSelector != nil { + in, out := &in.TunnelIDSelector, &out.TunnelIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.VirtualNetworkID != nil { + in, out := &in.VirtualNetworkID, &out.VirtualNetworkID + *out = new(string) + **out = **in + } + if in.VirtualNetworkIDRef != nil { + in, out := &in.VirtualNetworkIDRef, &out.VirtualNetworkIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.VirtualNetworkIDSelector != nil { + in, out := &in.VirtualNetworkIDSelector, &out.VirtualNetworkIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelRouteInitParameters. +func (in *TunnelRouteInitParameters) DeepCopy() *TunnelRouteInitParameters { + if in == nil { + return nil + } + out := new(TunnelRouteInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelRouteList) DeepCopyInto(out *TunnelRouteList) { *out = *in @@ -778,11 +1356,36 @@ func (in *TunnelRouteList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelRouteObservation) DeepCopyInto(out *TunnelRouteObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = new(string) + **out = **in + } + if in.TunnelID != nil { + in, out := &in.TunnelID, &out.TunnelID + *out = new(string) + **out = **in + } + if in.VirtualNetworkID != nil { + in, out := &in.VirtualNetworkID, &out.VirtualNetworkID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelRouteObservation. @@ -870,6 +1473,7 @@ func (in *TunnelRouteSpec) DeepCopyInto(out *TunnelRouteSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelRouteSpec. @@ -904,6 +1508,7 @@ func (in *TunnelSpec) DeepCopyInto(out *TunnelSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelSpec. @@ -960,6 +1565,51 @@ func (in *TunnelVirtualNetwork) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelVirtualNetworkInitParameters) DeepCopyInto(out *TunnelVirtualNetworkInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.IsDefaultNetwork != nil { + in, out := &in.IsDefaultNetwork, &out.IsDefaultNetwork + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelVirtualNetworkInitParameters. +func (in *TunnelVirtualNetworkInitParameters) DeepCopy() *TunnelVirtualNetworkInitParameters { + if in == nil { + return nil + } + out := new(TunnelVirtualNetworkInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelVirtualNetworkList) DeepCopyInto(out *TunnelVirtualNetworkList) { *out = *in @@ -995,11 +1645,31 @@ func (in *TunnelVirtualNetworkList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelVirtualNetworkObservation) DeepCopyInto(out *TunnelVirtualNetworkObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.IsDefaultNetwork != nil { + in, out := &in.IsDefaultNetwork, &out.IsDefaultNetwork + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelVirtualNetworkObservation. @@ -1062,6 +1732,7 @@ func (in *TunnelVirtualNetworkSpec) DeepCopyInto(out *TunnelVirtualNetworkSpec) *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelVirtualNetworkSpec. @@ -1091,9 +1762,34 @@ func (in *TunnelVirtualNetworkStatus) DeepCopy() *TunnelVirtualNetworkStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WarpRoutingInitParameters) DeepCopyInto(out *WarpRoutingInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WarpRoutingInitParameters. +func (in *WarpRoutingInitParameters) DeepCopy() *WarpRoutingInitParameters { + if in == nil { + return nil + } + out := new(WarpRoutingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WarpRoutingObservation) DeepCopyInto(out *WarpRoutingObservation) { *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WarpRoutingObservation. diff --git a/apis/argo/v1alpha1/zz_generated.managed.go b/apis/argo/v1alpha1/zz_generated.managed.go index db5ef8a..0cef133 100644 --- a/apis/argo/v1alpha1/zz_generated.managed.go +++ b/apis/argo/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Argo) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Argo. +func (mg *Argo) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Argo. func (mg *Argo) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Argo. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Argo) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Argo. func (mg *Argo) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Argo) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Argo. +func (mg *Argo) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Argo. func (mg *Argo) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Argo. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Argo) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Argo. func (mg *Argo) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Tunnel) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Tunnel. +func (mg *Tunnel) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Tunnel. func (mg *Tunnel) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Tunnel. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Tunnel) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Tunnel. func (mg *Tunnel) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Tunnel) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Tunnel. +func (mg *Tunnel) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Tunnel. func (mg *Tunnel) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Tunnel. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Tunnel) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Tunnel. func (mg *Tunnel) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *TunnelConfig) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this TunnelConfig. +func (mg *TunnelConfig) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this TunnelConfig. func (mg *TunnelConfig) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this TunnelConfig. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *TunnelConfig) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this TunnelConfig. func (mg *TunnelConfig) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *TunnelConfig) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this TunnelConfig. +func (mg *TunnelConfig) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this TunnelConfig. func (mg *TunnelConfig) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this TunnelConfig. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *TunnelConfig) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this TunnelConfig. func (mg *TunnelConfig) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *TunnelRoute) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this TunnelRoute. +func (mg *TunnelRoute) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this TunnelRoute. func (mg *TunnelRoute) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this TunnelRoute. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *TunnelRoute) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this TunnelRoute. func (mg *TunnelRoute) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *TunnelRoute) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this TunnelRoute. +func (mg *TunnelRoute) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this TunnelRoute. func (mg *TunnelRoute) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this TunnelRoute. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *TunnelRoute) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this TunnelRoute. func (mg *TunnelRoute) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *TunnelVirtualNetwork) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this TunnelVirtualNetwork. +func (mg *TunnelVirtualNetwork) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this TunnelVirtualNetwork. func (mg *TunnelVirtualNetwork) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this TunnelVirtualNetwork. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *TunnelVirtualNetwork) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this TunnelVirtualNetwork. func (mg *TunnelVirtualNetwork) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *TunnelVirtualNetwork) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this TunnelVirtualNetwork. +func (mg *TunnelVirtualNetwork) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this TunnelVirtualNetwork. func (mg *TunnelVirtualNetwork) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this TunnelVirtualNetwork. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *TunnelVirtualNetwork) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this TunnelVirtualNetwork. func (mg *TunnelVirtualNetwork) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/argo/v1alpha1/zz_generated.resolvers.go b/apis/argo/v1alpha1/zz_generated.resolvers.go index ba88341..2a3ee39 100644 --- a/apis/argo/v1alpha1/zz_generated.resolvers.go +++ b/apis/argo/v1alpha1/zz_generated.resolvers.go @@ -37,6 +37,22 @@ func (mg *Argo) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -63,6 +79,22 @@ func (mg *Tunnel) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -105,6 +137,38 @@ func (mg *TunnelConfig) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.TunnelID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.TunnelIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.TunnelID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.TunnelIDRef, + Selector: mg.Spec.InitProvider.TunnelIDSelector, + To: reference.To{ + List: &TunnelList{}, + Managed: &Tunnel{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.TunnelID") + } + mg.Spec.InitProvider.TunnelID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.TunnelIDRef = rsp.ResolvedReference + return nil } @@ -163,6 +227,54 @@ func (mg *TunnelRoute) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.VirtualNetworkID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.VirtualNetworkIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.TunnelID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.TunnelIDRef, + Selector: mg.Spec.InitProvider.TunnelIDSelector, + To: reference.To{ + List: &TunnelList{}, + Managed: &Tunnel{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.TunnelID") + } + mg.Spec.InitProvider.TunnelID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.TunnelIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.VirtualNetworkID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.VirtualNetworkIDRef, + Selector: mg.Spec.InitProvider.VirtualNetworkIDSelector, + To: reference.To{ + List: &TunnelVirtualNetworkList{}, + Managed: &TunnelVirtualNetwork{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.VirtualNetworkID") + } + mg.Spec.InitProvider.VirtualNetworkID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.VirtualNetworkIDRef = rsp.ResolvedReference + return nil } @@ -189,5 +301,21 @@ func (mg *TunnelVirtualNetwork) ResolveReferences(ctx context.Context, c client. mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/argo/v1alpha1/zz_generated_terraformed.go b/apis/argo/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 92f5b80..0000000 --- a/apis/argo/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,384 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Argo -func (mg *Argo) GetTerraformResourceType() string { - return "cloudflare_argo" -} - -// GetConnectionDetailsMapping for this Argo -func (tr *Argo) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Argo -func (tr *Argo) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Argo -func (tr *Argo) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Argo -func (tr *Argo) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Argo -func (tr *Argo) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Argo -func (tr *Argo) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Argo using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Argo) LateInitialize(attrs []byte) (bool, error) { - params := &ArgoParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Argo) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Tunnel -func (mg *Tunnel) GetTerraformResourceType() string { - return "cloudflare_argo_tunnel" -} - -// GetConnectionDetailsMapping for this Tunnel -func (tr *Tunnel) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"secret": "spec.forProvider.secretSecretRef"} -} - -// GetObservation of this Tunnel -func (tr *Tunnel) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Tunnel -func (tr *Tunnel) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Tunnel -func (tr *Tunnel) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Tunnel -func (tr *Tunnel) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Tunnel -func (tr *Tunnel) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Tunnel using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Tunnel) LateInitialize(attrs []byte) (bool, error) { - params := &TunnelParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Tunnel) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this TunnelConfig -func (mg *TunnelConfig) GetTerraformResourceType() string { - return "cloudflare_tunnel_config" -} - -// GetConnectionDetailsMapping for this TunnelConfig -func (tr *TunnelConfig) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this TunnelConfig -func (tr *TunnelConfig) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this TunnelConfig -func (tr *TunnelConfig) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this TunnelConfig -func (tr *TunnelConfig) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this TunnelConfig -func (tr *TunnelConfig) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this TunnelConfig -func (tr *TunnelConfig) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this TunnelConfig using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *TunnelConfig) LateInitialize(attrs []byte) (bool, error) { - params := &TunnelConfigParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *TunnelConfig) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this TunnelRoute -func (mg *TunnelRoute) GetTerraformResourceType() string { - return "cloudflare_tunnel_route" -} - -// GetConnectionDetailsMapping for this TunnelRoute -func (tr *TunnelRoute) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this TunnelRoute -func (tr *TunnelRoute) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this TunnelRoute -func (tr *TunnelRoute) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this TunnelRoute -func (tr *TunnelRoute) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this TunnelRoute -func (tr *TunnelRoute) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this TunnelRoute -func (tr *TunnelRoute) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this TunnelRoute using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *TunnelRoute) LateInitialize(attrs []byte) (bool, error) { - params := &TunnelRouteParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *TunnelRoute) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this TunnelVirtualNetwork -func (mg *TunnelVirtualNetwork) GetTerraformResourceType() string { - return "cloudflare_tunnel_virtual_network" -} - -// GetConnectionDetailsMapping for this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this TunnelVirtualNetwork -func (tr *TunnelVirtualNetwork) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this TunnelVirtualNetwork using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *TunnelVirtualNetwork) LateInitialize(attrs []byte) (bool, error) { - params := &TunnelVirtualNetworkParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *TunnelVirtualNetwork) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/argo/v1alpha1/zz_groupversion_info.go b/apis/argo/v1alpha1/zz_groupversion_info.go index 8b48531..0469867 100755 --- a/apis/argo/v1alpha1/zz_groupversion_info.go +++ b/apis/argo/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/argo/v1alpha1/zz_tunnel_terraformed.go b/apis/argo/v1alpha1/zz_tunnel_terraformed.go new file mode 100755 index 0000000..ee56c4f --- /dev/null +++ b/apis/argo/v1alpha1/zz_tunnel_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Tunnel +func (mg *Tunnel) GetTerraformResourceType() string { + return "cloudflare_argo_tunnel" +} + +// GetConnectionDetailsMapping for this Tunnel +func (tr *Tunnel) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"secret": "spec.forProvider.secretSecretRef"} +} + +// GetObservation of this Tunnel +func (tr *Tunnel) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Tunnel +func (tr *Tunnel) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Tunnel +func (tr *Tunnel) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Tunnel +func (tr *Tunnel) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Tunnel +func (tr *Tunnel) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Tunnel +func (tr *Tunnel) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Tunnel +func (tr *Tunnel) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Tunnel using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Tunnel) LateInitialize(attrs []byte) (bool, error) { + params := &TunnelParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Tunnel) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/argo/v1alpha1/zz_tunnel_types.go b/apis/argo/v1alpha1/zz_tunnel_types.go index 637b5fb..5a80c6c 100755 --- a/apis/argo/v1alpha1/zz_tunnel_types.go +++ b/apis/argo/v1alpha1/zz_tunnel_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,16 +17,48 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TunnelInitParameters struct { + + // The Cloudflare account ID that you wish to manage the Argo Tunnel on. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // A user-friendly name chosen when the tunnel is created. Cannot be empty. + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type TunnelObservation struct { + + // The Cloudflare account ID that you wish to manage the Argo Tunnel on. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Usable CNAME for accessing the Argo Tunnel. Cname *string `json:"cname,omitempty" tf:"cname,omitempty"` ID *string `json:"id,omitempty" tf:"id,omitempty"` + // A user-friendly name chosen when the tunnel is created. Cannot be empty. + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // Token used by a connector to authenticate and run the tunnel. TunnelToken *string `json:"tunnelToken,omitempty" tf:"tunnel_token,omitempty"` } type TunnelParameters struct { + // The Cloudflare account ID that you wish to manage the Argo Tunnel on. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -36,12 +72,14 @@ type TunnelParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // A user-friendly name chosen when the tunnel is created. Cannot be empty. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // 32 or more bytes, encoded as a base64 string. The Create Argo Tunnel endpoint sets this as the tunnel's password. Anyone wishing to run the tunnel needs this password. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional SecretSecretRef v1.SecretKeySelector `json:"secretSecretRef" tf:"-"` } @@ -49,6 +87,17 @@ type TunnelParameters struct { type TunnelSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TunnelParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TunnelInitParameters `json:"initProvider,omitempty"` } // TunnelStatus defines the observed state of Tunnel. @@ -58,19 +107,22 @@ type TunnelStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Tunnel is the Schema for the Tunnels API. +// Tunnel is the Schema for the Tunnels API. Provides the ability to manage Cloudflare Argo Tunnels. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Tunnel struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TunnelSpec `json:"spec"` - Status TunnelStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.secretSecretRef)",message="spec.forProvider.secretSecretRef is a required parameter" + Spec TunnelSpec `json:"spec"` + Status TunnelStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/argo/v1alpha1/zz_tunnelconfig_terraformed.go b/apis/argo/v1alpha1/zz_tunnelconfig_terraformed.go new file mode 100755 index 0000000..856010f --- /dev/null +++ b/apis/argo/v1alpha1/zz_tunnelconfig_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this TunnelConfig +func (mg *TunnelConfig) GetTerraformResourceType() string { + return "cloudflare_tunnel_config" +} + +// GetConnectionDetailsMapping for this TunnelConfig +func (tr *TunnelConfig) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this TunnelConfig +func (tr *TunnelConfig) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this TunnelConfig +func (tr *TunnelConfig) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this TunnelConfig +func (tr *TunnelConfig) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this TunnelConfig +func (tr *TunnelConfig) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this TunnelConfig +func (tr *TunnelConfig) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this TunnelConfig +func (tr *TunnelConfig) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this TunnelConfig +func (tr *TunnelConfig) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this TunnelConfig using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *TunnelConfig) LateInitialize(attrs []byte) (bool, error) { + params := &TunnelConfigParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *TunnelConfig) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/argo/v1alpha1/zz_tunnelconfig_types.go b/apis/argo/v1alpha1/zz_tunnelconfig_types.go index f43ccf5..65040fd 100755 --- a/apis/argo/v1alpha1/zz_tunnelconfig_types.go +++ b/apis/argo/v1alpha1/zz_tunnelconfig_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,135 +17,418 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ConfigInitParameters struct { + + // (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) + // Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). + IngressRule []IngressRuleInitParameters `json:"ingressRule,omitempty" tf:"ingress_rule,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + OriginRequest []OriginRequestInitParameters `json:"originRequest,omitempty" tf:"origin_request,omitempty"` + + // routing key and set it to true. (see below for nested schema) + // If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. + WarpRouting []WarpRoutingInitParameters `json:"warpRouting,omitempty" tf:"warp_routing,omitempty"` +} + type ConfigObservation struct { + + // (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) + // Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). + IngressRule []IngressRuleObservation `json:"ingressRule,omitempty" tf:"ingress_rule,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + OriginRequest []OriginRequestObservation `json:"originRequest,omitempty" tf:"origin_request,omitempty"` + + // routing key and set it to true. (see below for nested schema) + // If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. + WarpRouting []WarpRoutingObservation `json:"warpRouting,omitempty" tf:"warp_routing,omitempty"` } type ConfigParameters struct { + // (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) // Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional IngressRule []IngressRuleParameters `json:"ingressRule" tf:"ingress_rule,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional OriginRequest []OriginRequestParameters `json:"originRequest,omitempty" tf:"origin_request,omitempty"` + // routing key and set it to true. (see below for nested schema) // If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. // +kubebuilder:validation:Optional WarpRouting []WarpRoutingParameters `json:"warpRouting,omitempty" tf:"warp_routing,omitempty"` } +type IPRulesInitParameters struct { + + // (Boolean) Whether to allow the IP prefix. + // Whether to allow the IP prefix. + Allow *bool `json:"allow,omitempty" tf:"allow,omitempty"` + + // (List of Number) Ports to use within the IP rule. + // Ports to use within the IP rule. + Ports []*float64 `json:"ports,omitempty" tf:"ports,omitempty"` + + // (String) IP rule prefix. + // IP rule prefix. + Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` +} + type IPRulesObservation struct { + + // (Boolean) Whether to allow the IP prefix. + // Whether to allow the IP prefix. + Allow *bool `json:"allow,omitempty" tf:"allow,omitempty"` + + // (List of Number) Ports to use within the IP rule. + // Ports to use within the IP rule. + Ports []*float64 `json:"ports,omitempty" tf:"ports,omitempty"` + + // (String) IP rule prefix. + // IP rule prefix. + Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` } type IPRulesParameters struct { + // (Boolean) Whether to allow the IP prefix. // Whether to allow the IP prefix. // +kubebuilder:validation:Optional Allow *bool `json:"allow,omitempty" tf:"allow,omitempty"` + // (List of Number) Ports to use within the IP rule. // Ports to use within the IP rule. // +kubebuilder:validation:Optional Ports []*float64 `json:"ports,omitempty" tf:"ports,omitempty"` + // (String) IP rule prefix. // IP rule prefix. // +kubebuilder:validation:Optional Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` } +type IngressRuleInitParameters struct { + + // (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + // Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + + // (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + // Path of the incoming request. If the path matches, the request will be sent to the local service. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (String) Name of the service to which the request will be sent. + // Name of the service to which the request will be sent. + Service *string `json:"service,omitempty" tf:"service,omitempty"` +} + type IngressRuleObservation struct { + + // (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + // Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + + // (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + // Path of the incoming request. If the path matches, the request will be sent to the local service. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (String) Name of the service to which the request will be sent. + // Name of the service to which the request will be sent. + Service *string `json:"service,omitempty" tf:"service,omitempty"` } type IngressRuleParameters struct { + // (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. // Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. // +kubebuilder:validation:Optional Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + // (String) Path of the incoming request. If the path matches, the request will be sent to the local service. // Path of the incoming request. If the path matches, the request will be sent to the local service. // +kubebuilder:validation:Optional Path *string `json:"path,omitempty" tf:"path,omitempty"` + // (String) Name of the service to which the request will be sent. // Name of the service to which the request will be sent. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Service *string `json:"service" tf:"service,omitempty"` } +type OriginRequestInitParameters struct { + + // (Boolean) Runs as jump host. + // Runs as jump host. + BastionMode *bool `json:"bastionMode,omitempty" tf:"bastion_mode,omitempty"` + + // (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + // Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. + CAPool *string `json:"caPool,omitempty" tf:"ca_pool,omitempty"` + + // (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + // Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. + ConnectTimeout *string `json:"connectTimeout,omitempty" tf:"connect_timeout,omitempty"` + + // (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + // Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. + DisableChunkedEncoding *bool `json:"disableChunkedEncoding,omitempty" tf:"disable_chunked_encoding,omitempty"` + + // (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + // Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. + HTTPHostHeader *string `json:"httpHostHeader,omitempty" tf:"http_host_header,omitempty"` + + // (Block Set) IP rules for the proxy service. (see below for nested schema) + // IP rules for the proxy service. + IPRules []IPRulesInitParameters `json:"ipRules,omitempty" tf:"ip_rules,omitempty"` + + // (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + // Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. + KeepAliveConnections *float64 `json:"keepAliveConnections,omitempty" tf:"keep_alive_connections,omitempty"` + + // (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + // Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. + KeepAliveTimeout *string `json:"keepAliveTimeout,omitempty" tf:"keep_alive_timeout,omitempty"` + + // (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + // Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. + NoHappyEyeballs *bool `json:"noHappyEyeballs,omitempty" tf:"no_happy_eyeballs,omitempty"` + + // (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + // Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. + NoTLSVerify *bool `json:"noTlsVerify,omitempty" tf:"no_tls_verify,omitempty"` + + // (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + // Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. + OriginServerName *string `json:"originServerName,omitempty" tf:"origin_server_name,omitempty"` + + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. + ProxyAddress *string `json:"proxyAddress,omitempty" tf:"proxy_address,omitempty"` + + // (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. + ProxyPort *float64 `json:"proxyPort,omitempty" tf:"proxy_port,omitempty"` + + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. + ProxyType *string `json:"proxyType,omitempty" tf:"proxy_type,omitempty"` + + // (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + // The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. + TCPKeepAlive *string `json:"tcpKeepAlive,omitempty" tf:"tcp_keep_alive,omitempty"` + + // (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + // Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. + TLSTimeout *string `json:"tlsTimeout,omitempty" tf:"tls_timeout,omitempty"` +} + type OriginRequestObservation struct { + + // (Boolean) Runs as jump host. + // Runs as jump host. + BastionMode *bool `json:"bastionMode,omitempty" tf:"bastion_mode,omitempty"` + + // (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + // Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. + CAPool *string `json:"caPool,omitempty" tf:"ca_pool,omitempty"` + + // (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + // Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. + ConnectTimeout *string `json:"connectTimeout,omitempty" tf:"connect_timeout,omitempty"` + + // (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + // Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. + DisableChunkedEncoding *bool `json:"disableChunkedEncoding,omitempty" tf:"disable_chunked_encoding,omitempty"` + + // (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + // Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. + HTTPHostHeader *string `json:"httpHostHeader,omitempty" tf:"http_host_header,omitempty"` + + // (Block Set) IP rules for the proxy service. (see below for nested schema) + // IP rules for the proxy service. + IPRules []IPRulesObservation `json:"ipRules,omitempty" tf:"ip_rules,omitempty"` + + // (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + // Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. + KeepAliveConnections *float64 `json:"keepAliveConnections,omitempty" tf:"keep_alive_connections,omitempty"` + + // (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + // Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. + KeepAliveTimeout *string `json:"keepAliveTimeout,omitempty" tf:"keep_alive_timeout,omitempty"` + + // (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + // Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. + NoHappyEyeballs *bool `json:"noHappyEyeballs,omitempty" tf:"no_happy_eyeballs,omitempty"` + + // (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + // Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. + NoTLSVerify *bool `json:"noTlsVerify,omitempty" tf:"no_tls_verify,omitempty"` + + // (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + // Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. + OriginServerName *string `json:"originServerName,omitempty" tf:"origin_server_name,omitempty"` + + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. + ProxyAddress *string `json:"proxyAddress,omitempty" tf:"proxy_address,omitempty"` + + // (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. + ProxyPort *float64 `json:"proxyPort,omitempty" tf:"proxy_port,omitempty"` + + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". + // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. + ProxyType *string `json:"proxyType,omitempty" tf:"proxy_type,omitempty"` + + // (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + // The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. + TCPKeepAlive *string `json:"tcpKeepAlive,omitempty" tf:"tcp_keep_alive,omitempty"` + + // (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + // Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. + TLSTimeout *string `json:"tlsTimeout,omitempty" tf:"tls_timeout,omitempty"` } type OriginRequestParameters struct { + // (Boolean) Runs as jump host. // Runs as jump host. // +kubebuilder:validation:Optional BastionMode *bool `json:"bastionMode,omitempty" tf:"bastion_mode,omitempty"` + // (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". // Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. // +kubebuilder:validation:Optional CAPool *string `json:"caPool,omitempty" tf:"ca_pool,omitempty"` + // (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. // Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. // +kubebuilder:validation:Optional ConnectTimeout *string `json:"connectTimeout,omitempty" tf:"connect_timeout,omitempty"` + // (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. // Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. // +kubebuilder:validation:Optional DisableChunkedEncoding *bool `json:"disableChunkedEncoding,omitempty" tf:"disable_chunked_encoding,omitempty"` + // (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". // Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. // +kubebuilder:validation:Optional HTTPHostHeader *string `json:"httpHostHeader,omitempty" tf:"http_host_header,omitempty"` + // (Block Set) IP rules for the proxy service. (see below for nested schema) // IP rules for the proxy service. // +kubebuilder:validation:Optional IPRules []IPRulesParameters `json:"ipRules,omitempty" tf:"ip_rules,omitempty"` + // (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. // Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. // +kubebuilder:validation:Optional KeepAliveConnections *float64 `json:"keepAliveConnections,omitempty" tf:"keep_alive_connections,omitempty"` + // (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. // Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. // +kubebuilder:validation:Optional KeepAliveTimeout *string `json:"keepAliveTimeout,omitempty" tf:"keep_alive_timeout,omitempty"` + // (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. // Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. // +kubebuilder:validation:Optional NoHappyEyeballs *bool `json:"noHappyEyeballs,omitempty" tf:"no_happy_eyeballs,omitempty"` + // (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. // Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. // +kubebuilder:validation:Optional NoTLSVerify *bool `json:"noTlsVerify,omitempty" tf:"no_tls_verify,omitempty"` + // (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". // Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. // +kubebuilder:validation:Optional OriginServerName *string `json:"originServerName,omitempty" tf:"origin_server_name,omitempty"` + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. // +kubebuilder:validation:Optional ProxyAddress *string `json:"proxyAddress,omitempty" tf:"proxy_address,omitempty"` + // (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. // +kubebuilder:validation:Optional ProxyPort *float64 `json:"proxyPort,omitempty" tf:"proxy_port,omitempty"` + // (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". // cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. // +kubebuilder:validation:Optional ProxyType *string `json:"proxyType,omitempty" tf:"proxy_type,omitempty"` + // (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. // The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. // +kubebuilder:validation:Optional TCPKeepAlive *string `json:"tcpKeepAlive,omitempty" tf:"tcp_keep_alive,omitempty"` + // (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. // Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. // +kubebuilder:validation:Optional TLSTimeout *string `json:"tlsTimeout,omitempty" tf:"tls_timeout,omitempty"` } +type TunnelConfigInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) + // Configuration block for Tunnel Configuration. + Config []ConfigInitParameters `json:"config,omitempty" tf:"config,omitempty"` + + // (String) Identifier of the Tunnel to target for this configuration. + // Identifier of the Tunnel to target for this configuration. + // +crossplane:generate:reference:type=Tunnel + TunnelID *string `json:"tunnelId,omitempty" tf:"tunnel_id,omitempty"` + + // Reference to a Tunnel to populate tunnelId. + // +kubebuilder:validation:Optional + TunnelIDRef *v1.Reference `json:"tunnelIdRef,omitempty" tf:"-"` + + // Selector for a Tunnel to populate tunnelId. + // +kubebuilder:validation:Optional + TunnelIDSelector *v1.Selector `json:"tunnelIdSelector,omitempty" tf:"-"` +} + type TunnelConfigObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) + // Configuration block for Tunnel Configuration. + Config []ConfigObservation `json:"config,omitempty" tf:"config,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Identifier of the Tunnel to target for this configuration. + // Identifier of the Tunnel to target for this configuration. + TunnelID *string `json:"tunnelId,omitempty" tf:"tunnel_id,omitempty"` } type TunnelConfigParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -155,10 +442,12 @@ type TunnelConfigParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) // Configuration block for Tunnel Configuration. - // +kubebuilder:validation:Required - Config []ConfigParameters `json:"config" tf:"config,omitempty"` + // +kubebuilder:validation:Optional + Config []ConfigParameters `json:"config,omitempty" tf:"config,omitempty"` + // (String) Identifier of the Tunnel to target for this configuration. // Identifier of the Tunnel to target for this configuration. // +crossplane:generate:reference:type=Tunnel // +kubebuilder:validation:Optional @@ -173,11 +462,23 @@ type TunnelConfigParameters struct { TunnelIDSelector *v1.Selector `json:"tunnelIdSelector,omitempty" tf:"-"` } +type WarpRoutingInitParameters struct { + + // (Boolean) Whether WARP routing is enabled. + // Whether WARP routing is enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` +} + type WarpRoutingObservation struct { + + // (Boolean) Whether WARP routing is enabled. + // Whether WARP routing is enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` } type WarpRoutingParameters struct { + // (Boolean) Whether WARP routing is enabled. // Whether WARP routing is enabled. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` @@ -187,6 +488,17 @@ type WarpRoutingParameters struct { type TunnelConfigSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TunnelConfigParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TunnelConfigInitParameters `json:"initProvider,omitempty"` } // TunnelConfigStatus defines the observed state of TunnelConfig. @@ -196,19 +508,21 @@ type TunnelConfigStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// TunnelConfig is the Schema for the TunnelConfigs API. +// TunnelConfig is the Schema for the TunnelConfigs API. Provides a Cloudflare Tunnel configuration resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type TunnelConfig struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TunnelConfigSpec `json:"spec"` - Status TunnelConfigStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.config) || (has(self.initProvider) && has(self.initProvider.config))",message="spec.forProvider.config is a required parameter" + Spec TunnelConfigSpec `json:"spec"` + Status TunnelConfigStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/argo/v1alpha1/zz_tunnelroute_terraformed.go b/apis/argo/v1alpha1/zz_tunnelroute_terraformed.go new file mode 100755 index 0000000..86e8ba1 --- /dev/null +++ b/apis/argo/v1alpha1/zz_tunnelroute_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this TunnelRoute +func (mg *TunnelRoute) GetTerraformResourceType() string { + return "cloudflare_tunnel_route" +} + +// GetConnectionDetailsMapping for this TunnelRoute +func (tr *TunnelRoute) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this TunnelRoute +func (tr *TunnelRoute) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this TunnelRoute +func (tr *TunnelRoute) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this TunnelRoute +func (tr *TunnelRoute) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this TunnelRoute +func (tr *TunnelRoute) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this TunnelRoute +func (tr *TunnelRoute) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this TunnelRoute +func (tr *TunnelRoute) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this TunnelRoute +func (tr *TunnelRoute) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this TunnelRoute using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *TunnelRoute) LateInitialize(attrs []byte) (bool, error) { + params := &TunnelRouteParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *TunnelRoute) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/argo/v1alpha1/zz_tunnelroute_types.go b/apis/argo/v1alpha1/zz_tunnelroute_types.go index df77de5..2c922f5 100755 --- a/apis/argo/v1alpha1/zz_tunnelroute_types.go +++ b/apis/argo/v1alpha1/zz_tunnelroute_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,85 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TunnelRouteInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Description of the tunnel route. + // Description of the tunnel route. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + // The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + Network *string `json:"network,omitempty" tf:"network,omitempty"` + + // (String) The ID of the tunnel that will service the tunnel route. + // The ID of the tunnel that will service the tunnel route. + // +crossplane:generate:reference:type=Tunnel + TunnelID *string `json:"tunnelId,omitempty" tf:"tunnel_id,omitempty"` + + // Reference to a Tunnel to populate tunnelId. + // +kubebuilder:validation:Optional + TunnelIDRef *v1.Reference `json:"tunnelIdRef,omitempty" tf:"-"` + + // Selector for a Tunnel to populate tunnelId. + // +kubebuilder:validation:Optional + TunnelIDSelector *v1.Selector `json:"tunnelIdSelector,omitempty" tf:"-"` + + // (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + // The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=TunnelVirtualNetwork + VirtualNetworkID *string `json:"virtualNetworkId,omitempty" tf:"virtual_network_id,omitempty"` + + // Reference to a TunnelVirtualNetwork to populate virtualNetworkId. + // +kubebuilder:validation:Optional + VirtualNetworkIDRef *v1.Reference `json:"virtualNetworkIdRef,omitempty" tf:"-"` + + // Selector for a TunnelVirtualNetwork to populate virtualNetworkId. + // +kubebuilder:validation:Optional + VirtualNetworkIDSelector *v1.Selector `json:"virtualNetworkIdSelector,omitempty" tf:"-"` +} + type TunnelRouteObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Description of the tunnel route. + // Description of the tunnel route. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + // The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + Network *string `json:"network,omitempty" tf:"network,omitempty"` + + // (String) The ID of the tunnel that will service the tunnel route. + // The ID of the tunnel that will service the tunnel route. + TunnelID *string `json:"tunnelId,omitempty" tf:"tunnel_id,omitempty"` + + // (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + // The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** + VirtualNetworkID *string `json:"virtualNetworkId,omitempty" tf:"virtual_network_id,omitempty"` } type TunnelRouteParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,14 +109,17 @@ type TunnelRouteParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Description of the tunnel route. // Description of the tunnel route. // +kubebuilder:validation:Optional Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + // (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. // The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. - // +kubebuilder:validation:Required - Network *string `json:"network" tf:"network,omitempty"` + // +kubebuilder:validation:Optional + Network *string `json:"network,omitempty" tf:"network,omitempty"` + // (String) The ID of the tunnel that will service the tunnel route. // The ID of the tunnel that will service the tunnel route. // +crossplane:generate:reference:type=Tunnel // +kubebuilder:validation:Optional @@ -53,6 +133,7 @@ type TunnelRouteParameters struct { // +kubebuilder:validation:Optional TunnelIDSelector *v1.Selector `json:"tunnelIdSelector,omitempty" tf:"-"` + // (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. // The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=TunnelVirtualNetwork // +kubebuilder:validation:Optional @@ -71,6 +152,17 @@ type TunnelRouteParameters struct { type TunnelRouteSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TunnelRouteParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TunnelRouteInitParameters `json:"initProvider,omitempty"` } // TunnelRouteStatus defines the observed state of TunnelRoute. @@ -80,19 +172,21 @@ type TunnelRouteStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// TunnelRoute is the Schema for the TunnelRoutes API. +// TunnelRoute is the Schema for the TunnelRoutes API. Provides a resource, that manages Cloudflare tunnel routes for Zero Trust. Tunnel routes are used to direct IP traffic through Cloudflare Tunnels. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type TunnelRoute struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TunnelRouteSpec `json:"spec"` - Status TunnelRouteStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.network) || (has(self.initProvider) && has(self.initProvider.network))",message="spec.forProvider.network is a required parameter" + Spec TunnelRouteSpec `json:"spec"` + Status TunnelRouteStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_terraformed.go b/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_terraformed.go new file mode 100755 index 0000000..e4ebaaf --- /dev/null +++ b/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this TunnelVirtualNetwork +func (mg *TunnelVirtualNetwork) GetTerraformResourceType() string { + return "cloudflare_tunnel_virtual_network" +} + +// GetConnectionDetailsMapping for this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this TunnelVirtualNetwork +func (tr *TunnelVirtualNetwork) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this TunnelVirtualNetwork using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *TunnelVirtualNetwork) LateInitialize(attrs []byte) (bool, error) { + params := &TunnelVirtualNetworkParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *TunnelVirtualNetwork) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_types.go b/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_types.go index 1092b7f..c136105 100755 --- a/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_types.go +++ b/apis/argo/v1alpha1/zz_tunnelvirtualnetwork_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,59 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TunnelVirtualNetworkInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Description of the tunnel virtual network. + // Description of the tunnel virtual network. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + // Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + IsDefaultNetwork *bool `json:"isDefaultNetwork,omitempty" tf:"is_default_network,omitempty"` + + // friendly name chosen when the virtual network is created. + // A user-friendly name chosen when the virtual network is created. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type TunnelVirtualNetworkObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Description of the tunnel virtual network. + // Description of the tunnel virtual network. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + // Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + IsDefaultNetwork *bool `json:"isDefaultNetwork,omitempty" tf:"is_default_network,omitempty"` + + // friendly name chosen when the virtual network is created. + // A user-friendly name chosen when the virtual network is created. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type TunnelVirtualNetworkParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,23 +83,37 @@ type TunnelVirtualNetworkParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Description of the tunnel virtual network. // Description of the tunnel virtual network. // +kubebuilder:validation:Optional Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + // (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. // Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. // +kubebuilder:validation:Optional IsDefaultNetwork *bool `json:"isDefaultNetwork,omitempty" tf:"is_default_network,omitempty"` + // friendly name chosen when the virtual network is created. // A user-friendly name chosen when the virtual network is created. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` } // TunnelVirtualNetworkSpec defines the desired state of TunnelVirtualNetwork type TunnelVirtualNetworkSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TunnelVirtualNetworkParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TunnelVirtualNetworkInitParameters `json:"initProvider,omitempty"` } // TunnelVirtualNetworkStatus defines the observed state of TunnelVirtualNetwork. @@ -58,19 +123,21 @@ type TunnelVirtualNetworkStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// TunnelVirtualNetwork is the Schema for the TunnelVirtualNetworks API. +// TunnelVirtualNetwork is the Schema for the TunnelVirtualNetworks API. Provides a resource, that manages Cloudflare tunnel virtual networks for Zero Trust. Tunnel virtual networks are used for segregation of Tunnel IP Routes via Virtualized Networks to handle overlapping private IPs in your origins. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type TunnelVirtualNetwork struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TunnelVirtualNetworkSpec `json:"spec"` - Status TunnelVirtualNetworkStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec TunnelVirtualNetworkSpec `json:"spec"` + Status TunnelVirtualNetworkStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_generated_terraformed.go b/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_terraformed.go similarity index 55% rename from apis/authenticatedoriginpulls/v1alpha1/zz_generated_terraformed.go rename to apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_terraformed.go index f95cf00..9f6a352 100755 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_generated_terraformed.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this AuthenticatedOriginsPulls @@ -69,84 +74,50 @@ func (tr *AuthenticatedOriginsPulls) SetParameters(params map[string]any) error return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this AuthenticatedOriginsPulls using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *AuthenticatedOriginsPulls) LateInitialize(attrs []byte) (bool, error) { - params := &AuthenticatedOriginsPullsParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *AuthenticatedOriginsPulls) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Certificate -func (mg *Certificate) GetTerraformResourceType() string { - return "cloudflare_authenticated_origin_pulls_certificate" -} - -// GetConnectionDetailsMapping for this Certificate -func (tr *Certificate) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"private_key": "spec.forProvider.privateKeySecretRef"} -} - -// GetObservation of this Certificate -func (tr *Certificate) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this AuthenticatedOriginsPulls +func (tr *AuthenticatedOriginsPulls) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this Certificate -func (tr *Certificate) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this AuthenticatedOriginsPulls +func (tr *AuthenticatedOriginsPulls) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Certificate -func (tr *Certificate) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this Certificate -func (tr *Certificate) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this Certificate -func (tr *Certificate) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } -// LateInitialize this Certificate using its observed tfState. +// LateInitialize this AuthenticatedOriginsPulls using its observed tfState. // returns True if there are any spec changes for the resource. -func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { - params := &CertificateParameters{} +func (tr *AuthenticatedOriginsPulls) LateInitialize(attrs []byte) (bool, error) { + params := &AuthenticatedOriginsPullsParameters{} if err := json.TFParser.Unmarshal(attrs, params); err != nil { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } @@ -157,6 +128,6 @@ func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { } // GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Certificate) GetTerraformSchemaVersion() int { +func (tr *AuthenticatedOriginsPulls) GetTerraformSchemaVersion() int { return 0 } diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_types.go b/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_types.go index f15d584..8a178b5 100755 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_types.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_authenticatedoriginspulls_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AuthenticatedOriginsPullsInitParameters struct { + + // The id of an uploaded Authenticated Origin Pulls certificate. If no hostname is provided, this certificate will be used zone wide as Per-Zone Authenticated Origin Pulls. + // +crossplane:generate:reference:type=Certificate + AuthenticatedOriginPullsCertificate *string `json:"authenticatedOriginPullsCertificate,omitempty" tf:"authenticated_origin_pulls_certificate,omitempty"` + + // Reference to a Certificate to populate authenticatedOriginPullsCertificate. + // +kubebuilder:validation:Optional + AuthenticatedOriginPullsCertificateRef *v1.Reference `json:"authenticatedOriginPullsCertificateRef,omitempty" tf:"-"` + + // Selector for a Certificate to populate authenticatedOriginPullsCertificate. + // +kubebuilder:validation:Optional + AuthenticatedOriginPullsCertificateSelector *v1.Selector `json:"authenticatedOriginPullsCertificateSelector,omitempty" tf:"-"` + + // Whether or not to enable Authenticated Origin Pulls on the given zone or hostname. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Specify a hostname to enable Per-Hostname Authenticated Origin Pulls on, using the provided certificate. + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + + // The zone ID to upload the certificate to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type AuthenticatedOriginsPullsObservation struct { + + // The id of an uploaded Authenticated Origin Pulls certificate. If no hostname is provided, this certificate will be used zone wide as Per-Zone Authenticated Origin Pulls. + AuthenticatedOriginPullsCertificate *string `json:"authenticatedOriginPullsCertificate,omitempty" tf:"authenticated_origin_pulls_certificate,omitempty"` + + // Whether or not to enable Authenticated Origin Pulls on the given zone or hostname. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Specify a hostname to enable Per-Hostname Authenticated Origin Pulls on, using the provided certificate. + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The zone ID to upload the certificate to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type AuthenticatedOriginsPullsParameters struct { + // The id of an uploaded Authenticated Origin Pulls certificate. If no hostname is provided, this certificate will be used zone wide as Per-Zone Authenticated Origin Pulls. // +crossplane:generate:reference:type=Certificate // +kubebuilder:validation:Optional AuthenticatedOriginPullsCertificate *string `json:"authenticatedOriginPullsCertificate,omitempty" tf:"authenticated_origin_pulls_certificate,omitempty"` @@ -31,12 +84,15 @@ type AuthenticatedOriginsPullsParameters struct { // +kubebuilder:validation:Optional AuthenticatedOriginPullsCertificateSelector *v1.Selector `json:"authenticatedOriginPullsCertificateSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // Whether or not to enable Authenticated Origin Pulls on the given zone or hostname. + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // Specify a hostname to enable Per-Hostname Authenticated Origin Pulls on, using the provided certificate. // +kubebuilder:validation:Optional Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + // The zone ID to upload the certificate to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -55,6 +111,17 @@ type AuthenticatedOriginsPullsParameters struct { type AuthenticatedOriginsPullsSpec struct { v1.ResourceSpec `json:",inline"` ForProvider AuthenticatedOriginsPullsParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider AuthenticatedOriginsPullsInitParameters `json:"initProvider,omitempty"` } // AuthenticatedOriginsPullsStatus defines the observed state of AuthenticatedOriginsPulls. @@ -64,19 +131,21 @@ type AuthenticatedOriginsPullsStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// AuthenticatedOriginsPulls is the Schema for the AuthenticatedOriginsPullss API. +// AuthenticatedOriginsPulls is the Schema for the AuthenticatedOriginsPullss API. Provides a Cloudflare Authenticated Origin Pulls resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type AuthenticatedOriginsPulls struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec AuthenticatedOriginsPullsSpec `json:"spec"` - Status AuthenticatedOriginsPullsStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + Spec AuthenticatedOriginsPullsSpec `json:"spec"` + Status AuthenticatedOriginsPullsStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_terraformed.go b/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_terraformed.go new file mode 100755 index 0000000..8969d03 --- /dev/null +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Certificate +func (mg *Certificate) GetTerraformResourceType() string { + return "cloudflare_authenticated_origin_pulls_certificate" +} + +// GetConnectionDetailsMapping for this Certificate +func (tr *Certificate) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"private_key": "spec.forProvider.privateKeySecretRef"} +} + +// GetObservation of this Certificate +func (tr *Certificate) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Certificate +func (tr *Certificate) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Certificate +func (tr *Certificate) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Certificate +func (tr *Certificate) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Certificate +func (tr *Certificate) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Certificate +func (tr *Certificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Certificate +func (tr *Certificate) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Certificate using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { + params := &CertificateParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Certificate) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_types.go b/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_types.go index 30fcc3b..1ee9585 100755 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_types.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_certificate_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,8 +17,36 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CertificateInitParameters struct { + + // The public client certificate. + // **Modifying this attribute will force creation of a new resource.** + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // The form of Authenticated Origin Pulls to upload the certificate to. + // **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // The zone ID to upload the certificate to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type CertificateObservation struct { + // The public client certificate. + // **Modifying this attribute will force creation of a new resource.** + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + // **Modifying this attribute will force creation of a new resource.** ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` @@ -32,24 +64,36 @@ type CertificateObservation struct { // **Modifying this attribute will force creation of a new resource.** Status *string `json:"status,omitempty" tf:"status,omitempty"` + // The form of Authenticated Origin Pulls to upload the certificate to. + // **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // **Modifying this attribute will force creation of a new resource.** UploadedOn *string `json:"uploadedOn,omitempty" tf:"uploaded_on,omitempty"` + + // The zone ID to upload the certificate to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type CertificateParameters struct { + // The public client certificate. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Certificate *string `json:"certificate" tf:"certificate,omitempty"` + // +kubebuilder:validation:Optional + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + // The private key of the client certificate. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional PrivateKeySecretRef v1.SecretKeySelector `json:"privateKeySecretRef" tf:"-"` + // The form of Authenticated Origin Pulls to upload the certificate to. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // The zone ID to upload the certificate to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -68,6 +112,17 @@ type CertificateParameters struct { type CertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CertificateParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CertificateInitParameters `json:"initProvider,omitempty"` } // CertificateStatus defines the observed state of Certificate. @@ -77,19 +132,23 @@ type CertificateStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Certificate is the Schema for the Certificates API. +// Certificate is the Schema for the Certificates API. Provides a Cloudflare Authenticated Origin Pulls certificate resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Certificate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec CertificateSpec `json:"spec"` - Status CertificateStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.certificate) || (has(self.initProvider) && has(self.initProvider.certificate))",message="spec.forProvider.certificate is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.privateKeySecretRef)",message="spec.forProvider.privateKeySecretRef is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec CertificateSpec `json:"spec"` + Status CertificateStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.conversion_hubs.go b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..26ac425 --- /dev/null +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *AuthenticatedOriginsPulls) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Certificate) Hub() {} diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.deepcopy.go b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.deepcopy.go index f6badb1..5dbe508 100644 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.deepcopy.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,61 @@ func (in *AuthenticatedOriginsPulls) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthenticatedOriginsPullsInitParameters) DeepCopyInto(out *AuthenticatedOriginsPullsInitParameters) { + *out = *in + if in.AuthenticatedOriginPullsCertificate != nil { + in, out := &in.AuthenticatedOriginPullsCertificate, &out.AuthenticatedOriginPullsCertificate + *out = new(string) + **out = **in + } + if in.AuthenticatedOriginPullsCertificateRef != nil { + in, out := &in.AuthenticatedOriginPullsCertificateRef, &out.AuthenticatedOriginPullsCertificateRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AuthenticatedOriginPullsCertificateSelector != nil { + in, out := &in.AuthenticatedOriginPullsCertificateSelector, &out.AuthenticatedOriginPullsCertificateSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticatedOriginsPullsInitParameters. +func (in *AuthenticatedOriginsPullsInitParameters) DeepCopy() *AuthenticatedOriginsPullsInitParameters { + if in == nil { + return nil + } + out := new(AuthenticatedOriginsPullsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthenticatedOriginsPullsList) DeepCopyInto(out *AuthenticatedOriginsPullsList) { *out = *in @@ -76,11 +130,31 @@ func (in *AuthenticatedOriginsPullsList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthenticatedOriginsPullsObservation) DeepCopyInto(out *AuthenticatedOriginsPullsObservation) { *out = *in + if in.AuthenticatedOriginPullsCertificate != nil { + in, out := &in.AuthenticatedOriginPullsCertificate, &out.AuthenticatedOriginPullsCertificate + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticatedOriginsPullsObservation. @@ -153,6 +227,7 @@ func (in *AuthenticatedOriginsPullsSpec) DeepCopyInto(out *AuthenticatedOriginsP *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticatedOriginsPullsSpec. @@ -209,6 +284,46 @@ func (in *Certificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateInitParameters) DeepCopyInto(out *CertificateInitParameters) { + *out = *in + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateInitParameters. +func (in *CertificateInitParameters) DeepCopy() *CertificateInitParameters { + if in == nil { + return nil + } + out := new(CertificateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateList) DeepCopyInto(out *CertificateList) { *out = *in @@ -244,6 +359,11 @@ func (in *CertificateList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateObservation) DeepCopyInto(out *CertificateObservation) { *out = *in + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } if in.ExpiresOn != nil { in, out := &in.ExpiresOn, &out.ExpiresOn *out = new(string) @@ -274,11 +394,21 @@ func (in *CertificateObservation) DeepCopyInto(out *CertificateObservation) { *out = new(string) **out = **in } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } if in.UploadedOn != nil { in, out := &in.UploadedOn, &out.UploadedOn *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateObservation. @@ -337,6 +467,7 @@ func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.managed.go b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.managed.go index b5f4136..9d71749 100644 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.managed.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *AuthenticatedOriginsPulls) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this AuthenticatedOriginsPulls. +func (mg *AuthenticatedOriginsPulls) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this AuthenticatedOriginsPulls. func (mg *AuthenticatedOriginsPulls) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this AuthenticatedOriginsPulls. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *AuthenticatedOriginsPulls) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this AuthenticatedOriginsPulls. func (mg *AuthenticatedOriginsPulls) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *AuthenticatedOriginsPulls) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this AuthenticatedOriginsPulls. +func (mg *AuthenticatedOriginsPulls) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this AuthenticatedOriginsPulls. func (mg *AuthenticatedOriginsPulls) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this AuthenticatedOriginsPulls. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *AuthenticatedOriginsPulls) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this AuthenticatedOriginsPulls. func (mg *AuthenticatedOriginsPulls) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Certificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Certificate. +func (mg *Certificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Certificate. func (mg *Certificate) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Certificate. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Certificate) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Certificate. func (mg *Certificate) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Certificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Certificate. +func (mg *Certificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Certificate. func (mg *Certificate) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Certificate. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Certificate) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Certificate. func (mg *Certificate) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.resolvers.go b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.resolvers.go index 65e8bb7..ca8ef74 100644 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_generated.resolvers.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_generated.resolvers.go @@ -52,6 +52,38 @@ func (mg *AuthenticatedOriginsPulls) ResolveReferences(ctx context.Context, c cl mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AuthenticatedOriginPullsCertificate), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AuthenticatedOriginPullsCertificateRef, + Selector: mg.Spec.InitProvider.AuthenticatedOriginPullsCertificateSelector, + To: reference.To{ + List: &CertificateList{}, + Managed: &Certificate{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AuthenticatedOriginPullsCertificate") + } + mg.Spec.InitProvider.AuthenticatedOriginPullsCertificate = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AuthenticatedOriginPullsCertificateRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -78,5 +110,21 @@ func (mg *Certificate) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/authenticatedoriginpulls/v1alpha1/zz_groupversion_info.go b/apis/authenticatedoriginpulls/v1alpha1/zz_groupversion_info.go index e02de3a..811d642 100755 --- a/apis/authenticatedoriginpulls/v1alpha1/zz_groupversion_info.go +++ b/apis/authenticatedoriginpulls/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/byoip/v1alpha1/zz_generated.conversion_hubs.go b/apis/byoip/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..1209e73 --- /dev/null +++ b/apis/byoip/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *IPPrefix) Hub() {} diff --git a/apis/byoip/v1alpha1/zz_generated.deepcopy.go b/apis/byoip/v1alpha1/zz_generated.deepcopy.go index 04d2a7f..ee611b1 100644 --- a/apis/byoip/v1alpha1/zz_generated.deepcopy.go +++ b/apis/byoip/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,51 @@ func (in *IPPrefix) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPPrefixInitParameters) DeepCopyInto(out *IPPrefixInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Advertisement != nil { + in, out := &in.Advertisement, &out.Advertisement + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.PrefixID != nil { + in, out := &in.PrefixID, &out.PrefixID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPPrefixInitParameters. +func (in *IPPrefixInitParameters) DeepCopy() *IPPrefixInitParameters { + if in == nil { + return nil + } + out := new(IPPrefixInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPPrefixList) DeepCopyInto(out *IPPrefixList) { *out = *in @@ -76,11 +120,31 @@ func (in *IPPrefixList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPPrefixObservation) DeepCopyInto(out *IPPrefixObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Advertisement != nil { + in, out := &in.Advertisement, &out.Advertisement + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.PrefixID != nil { + in, out := &in.PrefixID, &out.PrefixID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPPrefixObservation. @@ -143,6 +207,7 @@ func (in *IPPrefixSpec) DeepCopyInto(out *IPPrefixSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPPrefixSpec. diff --git a/apis/byoip/v1alpha1/zz_generated.managed.go b/apis/byoip/v1alpha1/zz_generated.managed.go index 163f94a..5de1146 100644 --- a/apis/byoip/v1alpha1/zz_generated.managed.go +++ b/apis/byoip/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *IPPrefix) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this IPPrefix. +func (mg *IPPrefix) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this IPPrefix. func (mg *IPPrefix) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this IPPrefix. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *IPPrefix) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this IPPrefix. func (mg *IPPrefix) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *IPPrefix) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this IPPrefix. +func (mg *IPPrefix) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this IPPrefix. func (mg *IPPrefix) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this IPPrefix. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *IPPrefix) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this IPPrefix. func (mg *IPPrefix) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/byoip/v1alpha1/zz_generated.resolvers.go b/apis/byoip/v1alpha1/zz_generated.resolvers.go index ae9fb94..ffde882 100644 --- a/apis/byoip/v1alpha1/zz_generated.resolvers.go +++ b/apis/byoip/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *IPPrefix) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/byoip/v1alpha1/zz_groupversion_info.go b/apis/byoip/v1alpha1/zz_groupversion_info.go index d2e61ae..2afb84a 100755 --- a/apis/byoip/v1alpha1/zz_groupversion_info.go +++ b/apis/byoip/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/byoip/v1alpha1/zz_generated_terraformed.go b/apis/byoip/v1alpha1/zz_ipprefix_terraformed.go similarity index 60% rename from apis/byoip/v1alpha1/zz_generated_terraformed.go rename to apis/byoip/v1alpha1/zz_ipprefix_terraformed.go index 2cdf105..84425b7 100755 --- a/apis/byoip/v1alpha1/zz_generated_terraformed.go +++ b/apis/byoip/v1alpha1/zz_ipprefix_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this IPPrefix @@ -69,6 +74,46 @@ func (tr *IPPrefix) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this IPPrefix +func (tr *IPPrefix) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this IPPrefix +func (tr *IPPrefix) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this IPPrefix using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *IPPrefix) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/byoip/v1alpha1/zz_ipprefix_types.go b/apis/byoip/v1alpha1/zz_ipprefix_types.go index cedbd47..c1f568b 100755 --- a/apis/byoip/v1alpha1/zz_ipprefix_types.go +++ b/apis/byoip/v1alpha1/zz_ipprefix_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,59 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type IPPrefixInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. + // Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. + Advertisement *string `json:"advertisement,omitempty" tf:"advertisement,omitempty"` + + // (String) Description of the BYO IP prefix. + // Description of the BYO IP prefix. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + // The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** + PrefixID *string `json:"prefixId,omitempty" tf:"prefix_id,omitempty"` +} + type IPPrefixObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. + // Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. + Advertisement *string `json:"advertisement,omitempty" tf:"advertisement,omitempty"` + + // (String) Description of the BYO IP prefix. + // Description of the BYO IP prefix. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + // The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** + PrefixID *string `json:"prefixId,omitempty" tf:"prefix_id,omitempty"` } type IPPrefixParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,23 +83,37 @@ type IPPrefixParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. // Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. // +kubebuilder:validation:Optional Advertisement *string `json:"advertisement,omitempty" tf:"advertisement,omitempty"` + // (String) Description of the BYO IP prefix. // Description of the BYO IP prefix. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. // The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - PrefixID *string `json:"prefixId" tf:"prefix_id,omitempty"` + // +kubebuilder:validation:Optional + PrefixID *string `json:"prefixId,omitempty" tf:"prefix_id,omitempty"` } // IPPrefixSpec defines the desired state of IPPrefix type IPPrefixSpec struct { v1.ResourceSpec `json:",inline"` ForProvider IPPrefixParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider IPPrefixInitParameters `json:"initProvider,omitempty"` } // IPPrefixStatus defines the observed state of IPPrefix. @@ -58,19 +123,21 @@ type IPPrefixStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// IPPrefix is the Schema for the IPPrefixs API. +// IPPrefix is the Schema for the IPPrefixs API. Provides the ability to manage Bring-Your-Own-IP prefixes (BYOIP) which are used with or without Magic Transit. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type IPPrefix struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec IPPrefixSpec `json:"spec"` - Status IPPrefixStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.prefixId) || (has(self.initProvider) && has(self.initProvider.prefixId))",message="spec.forProvider.prefixId is a required parameter" + Spec IPPrefixSpec `json:"spec"` + Status IPPrefixStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/certificate/v1alpha1/zz_generated.conversion_hubs.go b/apis/certificate/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..4b82355 --- /dev/null +++ b/apis/certificate/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Pack) Hub() {} diff --git a/apis/certificate/v1alpha1/zz_generated.deepcopy.go b/apis/certificate/v1alpha1/zz_generated.deepcopy.go index b9f5e0a..68034e1 100644 --- a/apis/certificate/v1alpha1/zz_generated.deepcopy.go +++ b/apis/certificate/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,89 @@ func (in *Pack) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PackInitParameters) DeepCopyInto(out *PackInitParameters) { + *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.CloudflareBranding != nil { + in, out := &in.CloudflareBranding, &out.CloudflareBranding + *out = new(bool) + **out = **in + } + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ValidationErrors != nil { + in, out := &in.ValidationErrors, &out.ValidationErrors + *out = make([]ValidationErrorsInitParameters, len(*in)) + copy(*out, *in) + } + if in.ValidationMethod != nil { + in, out := &in.ValidationMethod, &out.ValidationMethod + *out = new(string) + **out = **in + } + if in.ValidationRecords != nil { + in, out := &in.ValidationRecords, &out.ValidationRecords + *out = make([]ValidationRecordsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ValidityDays != nil { + in, out := &in.ValidityDays, &out.ValidityDays + *out = new(float64) + **out = **in + } + if in.WaitForActiveStatus != nil { + in, out := &in.WaitForActiveStatus, &out.WaitForActiveStatus + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackInitParameters. +func (in *PackInitParameters) DeepCopy() *PackInitParameters { + if in == nil { + return nil + } + out := new(PackInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PackList) DeepCopyInto(out *PackList) { *out = *in @@ -76,11 +158,37 @@ func (in *PackList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PackObservation) DeepCopyInto(out *PackObservation) { *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.CloudflareBranding != nil { + in, out := &in.CloudflareBranding, &out.CloudflareBranding + *out = new(bool) + **out = **in + } + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } if in.ValidationErrors != nil { in, out := &in.ValidationErrors, &out.ValidationErrors *out = make([]ValidationErrorsObservation, len(*in)) @@ -88,6 +196,33 @@ func (in *PackObservation) DeepCopyInto(out *PackObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.ValidationMethod != nil { + in, out := &in.ValidationMethod, &out.ValidationMethod + *out = new(string) + **out = **in + } + if in.ValidationRecords != nil { + in, out := &in.ValidationRecords, &out.ValidationRecords + *out = make([]ValidationRecordsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ValidityDays != nil { + in, out := &in.ValidityDays, &out.ValidityDays + *out = new(float64) + **out = **in + } + if in.WaitForActiveStatus != nil { + in, out := &in.WaitForActiveStatus, &out.WaitForActiveStatus + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackObservation. @@ -188,6 +323,7 @@ func (in *PackSpec) DeepCopyInto(out *PackSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackSpec. @@ -217,6 +353,21 @@ func (in *PackStatus) DeepCopy() *PackStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValidationErrorsInitParameters) DeepCopyInto(out *ValidationErrorsInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationErrorsInitParameters. +func (in *ValidationErrorsInitParameters) DeepCopy() *ValidationErrorsInitParameters { + if in == nil { + return nil + } + out := new(ValidationErrorsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValidationErrorsObservation) DeepCopyInto(out *ValidationErrorsObservation) { *out = *in @@ -252,9 +403,106 @@ func (in *ValidationErrorsParameters) DeepCopy() *ValidationErrorsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValidationRecordsInitParameters) DeepCopyInto(out *ValidationRecordsInitParameters) { + *out = *in + if in.CnameName != nil { + in, out := &in.CnameName, &out.CnameName + *out = new(string) + **out = **in + } + if in.CnameTarget != nil { + in, out := &in.CnameTarget, &out.CnameTarget + *out = new(string) + **out = **in + } + if in.Emails != nil { + in, out := &in.Emails, &out.Emails + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.HTTPBody != nil { + in, out := &in.HTTPBody, &out.HTTPBody + *out = new(string) + **out = **in + } + if in.HTTPURL != nil { + in, out := &in.HTTPURL, &out.HTTPURL + *out = new(string) + **out = **in + } + if in.TxtName != nil { + in, out := &in.TxtName, &out.TxtName + *out = new(string) + **out = **in + } + if in.TxtValue != nil { + in, out := &in.TxtValue, &out.TxtValue + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationRecordsInitParameters. +func (in *ValidationRecordsInitParameters) DeepCopy() *ValidationRecordsInitParameters { + if in == nil { + return nil + } + out := new(ValidationRecordsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValidationRecordsObservation) DeepCopyInto(out *ValidationRecordsObservation) { *out = *in + if in.CnameName != nil { + in, out := &in.CnameName, &out.CnameName + *out = new(string) + **out = **in + } + if in.CnameTarget != nil { + in, out := &in.CnameTarget, &out.CnameTarget + *out = new(string) + **out = **in + } + if in.Emails != nil { + in, out := &in.Emails, &out.Emails + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.HTTPBody != nil { + in, out := &in.HTTPBody, &out.HTTPBody + *out = new(string) + **out = **in + } + if in.HTTPURL != nil { + in, out := &in.HTTPURL, &out.HTTPURL + *out = new(string) + **out = **in + } + if in.TxtName != nil { + in, out := &in.TxtName, &out.TxtName + *out = new(string) + **out = **in + } + if in.TxtValue != nil { + in, out := &in.TxtValue, &out.TxtValue + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationRecordsObservation. diff --git a/apis/certificate/v1alpha1/zz_generated.managed.go b/apis/certificate/v1alpha1/zz_generated.managed.go index c38761c..8def012 100644 --- a/apis/certificate/v1alpha1/zz_generated.managed.go +++ b/apis/certificate/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Pack) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Pack. +func (mg *Pack) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Pack. func (mg *Pack) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Pack. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Pack) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Pack. func (mg *Pack) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Pack) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Pack. +func (mg *Pack) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Pack. func (mg *Pack) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Pack. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Pack) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Pack. func (mg *Pack) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/certificate/v1alpha1/zz_generated.resolvers.go b/apis/certificate/v1alpha1/zz_generated.resolvers.go index 592f0a7..27630bc 100644 --- a/apis/certificate/v1alpha1/zz_generated.resolvers.go +++ b/apis/certificate/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Pack) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/certificate/v1alpha1/zz_groupversion_info.go b/apis/certificate/v1alpha1/zz_groupversion_info.go index f6f6b62..a85c61b 100755 --- a/apis/certificate/v1alpha1/zz_groupversion_info.go +++ b/apis/certificate/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/certificate/v1alpha1/zz_generated_terraformed.go b/apis/certificate/v1alpha1/zz_pack_terraformed.go similarity index 60% rename from apis/certificate/v1alpha1/zz_generated_terraformed.go rename to apis/certificate/v1alpha1/zz_pack_terraformed.go index 9b04b64..b8c5876 100755 --- a/apis/certificate/v1alpha1/zz_generated_terraformed.go +++ b/apis/certificate/v1alpha1/zz_pack_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Pack @@ -69,6 +74,46 @@ func (tr *Pack) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Pack +func (tr *Pack) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Pack +func (tr *Pack) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Pack using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Pack) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/certificate/v1alpha1/zz_pack_types.go b/apis/certificate/v1alpha1/zz_pack_types.go index 8e89d5a..fd4369b 100755 --- a/apis/certificate/v1alpha1/zz_pack_types.go +++ b/apis/certificate/v1alpha1/zz_pack_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,49 +17,149 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PackInitParameters struct { + + // (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. + // Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + // Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** + CloudflareBranding *bool `json:"cloudflareBranding,omitempty" tf:"cloudflare_branding,omitempty"` + + // (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. + // List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** + // +listType=set + Hosts []*string `json:"hosts,omitempty" tf:"hosts,omitempty"` + + // (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. + // Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (Block List) (see below for nested schema) + ValidationErrors []ValidationErrorsInitParameters `json:"validationErrors,omitempty" tf:"validation_errors,omitempty"` + + // (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. + // Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** + ValidationMethod *string `json:"validationMethod,omitempty" tf:"validation_method,omitempty"` + + // (Block List) (see below for nested schema) + ValidationRecords []ValidationRecordsInitParameters `json:"validationRecords,omitempty" tf:"validation_records,omitempty"` + + // (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. + // How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** + ValidityDays *float64 `json:"validityDays,omitempty" tf:"validity_days,omitempty"` + + // (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + // Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** + WaitForActiveStatus *bool `json:"waitForActiveStatus,omitempty" tf:"wait_for_active_status,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type PackObservation struct { + + // (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. + // Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + // Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** + CloudflareBranding *bool `json:"cloudflareBranding,omitempty" tf:"cloudflare_branding,omitempty"` + + // (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. + // List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** + // +listType=set + Hosts []*string `json:"hosts,omitempty" tf:"hosts,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` - // +kubebuilder:validation:Optional + // (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. + // Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (Block List) (see below for nested schema) ValidationErrors []ValidationErrorsObservation `json:"validationErrors,omitempty" tf:"validation_errors,omitempty"` + + // (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. + // Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** + ValidationMethod *string `json:"validationMethod,omitempty" tf:"validation_method,omitempty"` + + // (Block List) (see below for nested schema) + ValidationRecords []ValidationRecordsObservation `json:"validationRecords,omitempty" tf:"validation_records,omitempty"` + + // (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. + // How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** + ValidityDays *float64 `json:"validityDays,omitempty" tf:"validity_days,omitempty"` + + // (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + // Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** + WaitForActiveStatus *bool `json:"waitForActiveStatus,omitempty" tf:"wait_for_active_status,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type PackParameters struct { + // (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. // Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - CertificateAuthority *string `json:"certificateAuthority" tf:"certificate_authority,omitempty"` + // +kubebuilder:validation:Optional + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + // (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. // Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional CloudflareBranding *bool `json:"cloudflareBranding,omitempty" tf:"cloudflare_branding,omitempty"` + // (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. // List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Hosts []*string `json:"hosts" tf:"hosts,omitempty"` + // +kubebuilder:validation:Optional + // +listType=set + Hosts []*string `json:"hosts,omitempty" tf:"hosts,omitempty"` + // (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. // Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional ValidationErrors []ValidationErrorsParameters `json:"validationErrors,omitempty" tf:"validation_errors,omitempty"` + // (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. // Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - ValidationMethod *string `json:"validationMethod" tf:"validation_method,omitempty"` + // +kubebuilder:validation:Optional + ValidationMethod *string `json:"validationMethod,omitempty" tf:"validation_method,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional ValidationRecords []ValidationRecordsParameters `json:"validationRecords,omitempty" tf:"validation_records,omitempty"` + // (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. // How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - ValidityDays *float64 `json:"validityDays" tf:"validity_days,omitempty"` + // +kubebuilder:validation:Optional + ValidityDays *float64 `json:"validityDays,omitempty" tf:"validity_days,omitempty"` + // (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. // Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional WaitForActiveStatus *bool `json:"waitForActiveStatus,omitempty" tf:"wait_for_active_status,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -70,36 +174,93 @@ type PackParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type ValidationErrorsInitParameters struct { +} + type ValidationErrorsObservation struct { + + // (String) Message *string `json:"message,omitempty" tf:"message,omitempty"` } type ValidationErrorsParameters struct { } +type ValidationRecordsInitParameters struct { + + // (String) + CnameName *string `json:"cnameName,omitempty" tf:"cname_name,omitempty"` + + // (String) + CnameTarget *string `json:"cnameTarget,omitempty" tf:"cname_target,omitempty"` + + // (List of String) + Emails []*string `json:"emails,omitempty" tf:"emails,omitempty"` + + // (String) + HTTPBody *string `json:"httpBody,omitempty" tf:"http_body,omitempty"` + + // (String) + HTTPURL *string `json:"httpUrl,omitempty" tf:"http_url,omitempty"` + + // (String) + TxtName *string `json:"txtName,omitempty" tf:"txt_name,omitempty"` + + // (String) + TxtValue *string `json:"txtValue,omitempty" tf:"txt_value,omitempty"` +} + type ValidationRecordsObservation struct { + + // (String) + CnameName *string `json:"cnameName,omitempty" tf:"cname_name,omitempty"` + + // (String) + CnameTarget *string `json:"cnameTarget,omitempty" tf:"cname_target,omitempty"` + + // (List of String) + Emails []*string `json:"emails,omitempty" tf:"emails,omitempty"` + + // (String) + HTTPBody *string `json:"httpBody,omitempty" tf:"http_body,omitempty"` + + // (String) + HTTPURL *string `json:"httpUrl,omitempty" tf:"http_url,omitempty"` + + // (String) + TxtName *string `json:"txtName,omitempty" tf:"txt_name,omitempty"` + + // (String) + TxtValue *string `json:"txtValue,omitempty" tf:"txt_value,omitempty"` } type ValidationRecordsParameters struct { + // (String) // +kubebuilder:validation:Optional CnameName *string `json:"cnameName,omitempty" tf:"cname_name,omitempty"` + // (String) // +kubebuilder:validation:Optional CnameTarget *string `json:"cnameTarget,omitempty" tf:"cname_target,omitempty"` + // (List of String) // +kubebuilder:validation:Optional Emails []*string `json:"emails,omitempty" tf:"emails,omitempty"` + // (String) // +kubebuilder:validation:Optional HTTPBody *string `json:"httpBody,omitempty" tf:"http_body,omitempty"` + // (String) // +kubebuilder:validation:Optional HTTPURL *string `json:"httpUrl,omitempty" tf:"http_url,omitempty"` + // (String) // +kubebuilder:validation:Optional TxtName *string `json:"txtName,omitempty" tf:"txt_name,omitempty"` + // (String) // +kubebuilder:validation:Optional TxtValue *string `json:"txtValue,omitempty" tf:"txt_value,omitempty"` } @@ -108,6 +269,17 @@ type ValidationRecordsParameters struct { type PackSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PackParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PackInitParameters `json:"initProvider,omitempty"` } // PackStatus defines the observed state of Pack. @@ -117,19 +289,25 @@ type PackStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Pack is the Schema for the Packs API. +// Pack is the Schema for the Packs API. Provides a Cloudflare Certificate Pack resource that is used to provision managed TLS certificates. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Pack struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PackSpec `json:"spec"` - Status PackStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.certificateAuthority) || (has(self.initProvider) && has(self.initProvider.certificateAuthority))",message="spec.forProvider.certificateAuthority is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.hosts) || (has(self.initProvider) && has(self.initProvider.hosts))",message="spec.forProvider.hosts is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.validationMethod) || (has(self.initProvider) && has(self.initProvider.validationMethod))",message="spec.forProvider.validationMethod is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.validityDays) || (has(self.initProvider) && has(self.initProvider.validityDays))",message="spec.forProvider.validityDays is a required parameter" + Spec PackSpec `json:"spec"` + Status PackStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/custom/v1alpha1/zz_generated.conversion_hubs.go b/apis/custom/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..aec5654 --- /dev/null +++ b/apis/custom/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Pages) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *SSL) Hub() {} diff --git a/apis/custom/v1alpha1/zz_generated.deepcopy.go b/apis/custom/v1alpha1/zz_generated.deepcopy.go index 645dc49..42e951c 100644 --- a/apis/custom/v1alpha1/zz_generated.deepcopy.go +++ b/apis/custom/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,64 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomSSLOptionsInitParameters) DeepCopyInto(out *CustomSSLOptionsInitParameters) { + *out = *in + if in.BundleMethod != nil { + in, out := &in.BundleMethod, &out.BundleMethod + *out = new(string) + **out = **in + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.GeoRestrictions != nil { + in, out := &in.GeoRestrictions, &out.GeoRestrictions + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSSLOptionsInitParameters. +func (in *CustomSSLOptionsInitParameters) DeepCopy() *CustomSSLOptionsInitParameters { + if in == nil { + return nil + } + out := new(CustomSSLOptionsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CustomSSLOptionsObservation) DeepCopyInto(out *CustomSSLOptionsObservation) { *out = *in + if in.BundleMethod != nil { + in, out := &in.BundleMethod, &out.BundleMethod + *out = new(string) + **out = **in + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.GeoRestrictions != nil { + in, out := &in.GeoRestrictions, &out.GeoRestrictions + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSSLOptionsObservation. @@ -69,9 +123,44 @@ func (in *CustomSSLOptionsParameters) DeepCopy() *CustomSSLOptionsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomSSLPriorityInitParameters) DeepCopyInto(out *CustomSSLPriorityInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSSLPriorityInitParameters. +func (in *CustomSSLPriorityInitParameters) DeepCopy() *CustomSSLPriorityInitParameters { + if in == nil { + return nil + } + out := new(CustomSSLPriorityInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CustomSSLPriorityObservation) DeepCopyInto(out *CustomSSLPriorityObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSSLPriorityObservation. @@ -136,6 +225,66 @@ func (in *Pages) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PagesInitParameters) DeepCopyInto(out *PagesInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PagesInitParameters. +func (in *PagesInitParameters) DeepCopy() *PagesInitParameters { + if in == nil { + return nil + } + out := new(PagesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PagesList) DeepCopyInto(out *PagesList) { *out = *in @@ -171,11 +320,36 @@ func (in *PagesList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PagesObservation) DeepCopyInto(out *PagesObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PagesObservation. @@ -253,6 +427,7 @@ func (in *PagesSpec) DeepCopyInto(out *PagesSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PagesSpec. @@ -309,6 +484,50 @@ func (in *SSL) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SSLInitParameters) DeepCopyInto(out *SSLInitParameters) { + *out = *in + if in.CustomSSLOptions != nil { + in, out := &in.CustomSSLOptions, &out.CustomSSLOptions + *out = make([]CustomSSLOptionsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CustomSSLPriority != nil { + in, out := &in.CustomSSLPriority, &out.CustomSSLPriority + *out = make([]CustomSSLPriorityInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLInitParameters. +func (in *SSLInitParameters) DeepCopy() *SSLInitParameters { + if in == nil { + return nil + } + out := new(SSLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SSLList) DeepCopyInto(out *SSLList) { *out = *in @@ -344,6 +563,20 @@ func (in *SSLList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SSLObservation) DeepCopyInto(out *SSLObservation) { *out = *in + if in.CustomSSLOptions != nil { + in, out := &in.CustomSSLOptions, &out.CustomSSLOptions + *out = make([]CustomSSLOptionsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CustomSSLPriority != nil { + in, out := &in.CustomSSLPriority, &out.CustomSSLPriority + *out = make([]CustomSSLPriorityObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ExpiresOn != nil { in, out := &in.ExpiresOn, &out.ExpiresOn *out = new(string) @@ -395,6 +628,11 @@ func (in *SSLObservation) DeepCopyInto(out *SSLObservation) { *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLObservation. @@ -456,6 +694,7 @@ func (in *SSLSpec) DeepCopyInto(out *SSLSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLSpec. diff --git a/apis/custom/v1alpha1/zz_generated.managed.go b/apis/custom/v1alpha1/zz_generated.managed.go index 68567fe..76f0fdf 100644 --- a/apis/custom/v1alpha1/zz_generated.managed.go +++ b/apis/custom/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Pages) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Pages. +func (mg *Pages) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Pages. func (mg *Pages) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Pages. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Pages) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Pages. func (mg *Pages) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Pages) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Pages. +func (mg *Pages) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Pages. func (mg *Pages) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Pages. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Pages) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Pages. func (mg *Pages) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *SSL) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this SSL. +func (mg *SSL) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this SSL. func (mg *SSL) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this SSL. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *SSL) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this SSL. func (mg *SSL) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *SSL) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this SSL. +func (mg *SSL) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this SSL. func (mg *SSL) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this SSL. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *SSL) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this SSL. func (mg *SSL) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/custom/v1alpha1/zz_generated.resolvers.go b/apis/custom/v1alpha1/zz_generated.resolvers.go index a251215..5da074c 100644 --- a/apis/custom/v1alpha1/zz_generated.resolvers.go +++ b/apis/custom/v1alpha1/zz_generated.resolvers.go @@ -53,6 +53,38 @@ func (mg *Pages) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -79,5 +111,21 @@ func (mg *SSL) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/custom/v1alpha1/zz_groupversion_info.go b/apis/custom/v1alpha1/zz_groupversion_info.go index e3c54e1..3c4a83e 100755 --- a/apis/custom/v1alpha1/zz_groupversion_info.go +++ b/apis/custom/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/custom/v1alpha1/zz_pages_terraformed.go b/apis/custom/v1alpha1/zz_pages_terraformed.go new file mode 100755 index 0000000..ffe8a8a --- /dev/null +++ b/apis/custom/v1alpha1/zz_pages_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Pages +func (mg *Pages) GetTerraformResourceType() string { + return "cloudflare_custom_pages" +} + +// GetConnectionDetailsMapping for this Pages +func (tr *Pages) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Pages +func (tr *Pages) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Pages +func (tr *Pages) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Pages +func (tr *Pages) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Pages +func (tr *Pages) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Pages +func (tr *Pages) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Pages +func (tr *Pages) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Pages +func (tr *Pages) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Pages using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Pages) LateInitialize(attrs []byte) (bool, error) { + params := &PagesParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Pages) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/custom/v1alpha1/zz_pages_types.go b/apis/custom/v1alpha1/zz_pages_types.go index c23d7bc..8caaf20 100755 --- a/apis/custom/v1alpha1/zz_pages_types.go +++ b/apis/custom/v1alpha1/zz_pages_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,85 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PagesInitParameters struct { + + // The account ID where the custom pages should be + // updated. Either account_id or zone_id must be provided. If + // account_id is present, it will override the zone setting. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Managed state of the custom page. Must be one of + // default, customized. + State *string `json:"state,omitempty" tf:"state,omitempty"` + + // The type of custom page you wish to update. Must + // be one of basic_challenge, waf_challenge, waf_block, + // ratelimit_block, country_challenge, ip_block, under_attack, + // 500_errors, 1000_errors, always_online, managed_challenge. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // URL of where the custom page source is located. + URL *string `json:"url,omitempty" tf:"url,omitempty"` + + // The zone ID where the custom pages should be + // updated. Either zone_id or account_id must be provided. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type PagesObservation struct { + + // The account ID where the custom pages should be + // updated. Either account_id or zone_id must be provided. If + // account_id is present, it will override the zone setting. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Managed state of the custom page. Must be one of + // default, customized. + State *string `json:"state,omitempty" tf:"state,omitempty"` + + // The type of custom page you wish to update. Must + // be one of basic_challenge, waf_challenge, waf_block, + // ratelimit_block, country_challenge, ip_block, under_attack, + // 500_errors, 1000_errors, always_online, managed_challenge. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // URL of where the custom page source is located. + URL *string `json:"url,omitempty" tf:"url,omitempty"` + + // The zone ID where the custom pages should be + // updated. Either zone_id or account_id must be provided. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type PagesParameters struct { + // The account ID where the custom pages should be + // updated. Either account_id or zone_id must be provided. If + // account_id is present, it will override the zone setting. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,15 +109,24 @@ type PagesParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Managed state of the custom page. Must be one of + // default, customized. // +kubebuilder:validation:Optional State *string `json:"state,omitempty" tf:"state,omitempty"` - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // The type of custom page you wish to update. Must + // be one of basic_challenge, waf_challenge, waf_block, + // ratelimit_block, country_challenge, ip_block, under_attack, + // 500_errors, 1000_errors, always_online, managed_challenge. + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` - // +kubebuilder:validation:Required - URL *string `json:"url" tf:"url,omitempty"` + // URL of where the custom page source is located. + // +kubebuilder:validation:Optional + URL *string `json:"url,omitempty" tf:"url,omitempty"` + // The zone ID where the custom pages should be + // updated. Either zone_id or account_id must be provided. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -59,6 +145,17 @@ type PagesParameters struct { type PagesSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PagesParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PagesInitParameters `json:"initProvider,omitempty"` } // PagesStatus defines the observed state of Pages. @@ -68,19 +165,22 @@ type PagesStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Pages is the Schema for the Pagess API. +// Pages is the Schema for the Pagess API. Provides a resource which manages Cloudflare custom pages. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Pages struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PagesSpec `json:"spec"` - Status PagesStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.url) || (has(self.initProvider) && has(self.initProvider.url))",message="spec.forProvider.url is a required parameter" + Spec PagesSpec `json:"spec"` + Status PagesStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/custom/v1alpha1/zz_generated_terraformed.go b/apis/custom/v1alpha1/zz_ssl_terraformed.go similarity index 55% rename from apis/custom/v1alpha1/zz_generated_terraformed.go rename to apis/custom/v1alpha1/zz_ssl_terraformed.go index e764357..c83d914 100755 --- a/apis/custom/v1alpha1/zz_generated_terraformed.go +++ b/apis/custom/v1alpha1/zz_ssl_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,24 +11,25 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) -// GetTerraformResourceType returns Terraform resource type for this Pages -func (mg *Pages) GetTerraformResourceType() string { - return "cloudflare_custom_pages" +// GetTerraformResourceType returns Terraform resource type for this SSL +func (mg *SSL) GetTerraformResourceType() string { + return "cloudflare_custom_ssl" } -// GetConnectionDetailsMapping for this Pages -func (tr *Pages) GetConnectionDetailsMapping() map[string]string { - return nil +// GetConnectionDetailsMapping for this SSL +func (tr *SSL) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"custom_ssl_options[*].private_key": "spec.forProvider.customSslOptions[*].privateKeySecretRef"} } -// GetObservation of this Pages -func (tr *Pages) GetObservation() (map[string]any, error) { +// GetObservation of this SSL +func (tr *SSL) GetObservation() (map[string]any, error) { o, err := json.TFParser.Marshal(tr.Status.AtProvider) if err != nil { return nil, err @@ -33,8 +38,8 @@ func (tr *Pages) GetObservation() (map[string]any, error) { return base, json.TFParser.Unmarshal(o, &base) } -// SetObservation for this Pages -func (tr *Pages) SetObservation(obs map[string]any) error { +// SetObservation for this SSL +func (tr *SSL) SetObservation(obs map[string]any) error { p, err := json.TFParser.Marshal(obs) if err != nil { return err @@ -42,16 +47,16 @@ func (tr *Pages) SetObservation(obs map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) } -// GetID returns ID of underlying Terraform resource of this Pages -func (tr *Pages) GetID() string { +// GetID returns ID of underlying Terraform resource of this SSL +func (tr *SSL) GetID() string { if tr.Status.AtProvider.ID == nil { return "" } return *tr.Status.AtProvider.ID } -// GetParameters of this Pages -func (tr *Pages) GetParameters() (map[string]any, error) { +// GetParameters of this SSL +func (tr *SSL) GetParameters() (map[string]any, error) { p, err := json.TFParser.Marshal(tr.Spec.ForProvider) if err != nil { return nil, err @@ -60,8 +65,8 @@ func (tr *Pages) GetParameters() (map[string]any, error) { return base, json.TFParser.Unmarshal(p, &base) } -// SetParameters for this Pages -func (tr *Pages) SetParameters(params map[string]any) error { +// SetParameters for this SSL +func (tr *SSL) SetParameters(params map[string]any) error { p, err := json.TFParser.Marshal(params) if err != nil { return err @@ -69,78 +74,44 @@ func (tr *Pages) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this Pages using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Pages) LateInitialize(attrs []byte) (bool, error) { - params := &PagesParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Pages) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this SSL -func (mg *SSL) GetTerraformResourceType() string { - return "cloudflare_custom_ssl" -} - -// GetConnectionDetailsMapping for this SSL -func (tr *SSL) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"custom_ssl_options[*].private_key": "spec.forProvider.customSslOptions[*].privateKeySecretRef"} -} - -// GetObservation of this SSL -func (tr *SSL) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this SSL +func (tr *SSL) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this SSL -func (tr *SSL) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this SSL +func (tr *SSL) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this SSL -func (tr *SSL) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this SSL -func (tr *SSL) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this SSL -func (tr *SSL) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } // LateInitialize this SSL using its observed tfState. diff --git a/apis/custom/v1alpha1/zz_ssl_types.go b/apis/custom/v1alpha1/zz_ssl_types.go index fc13747..1dee4e0 100755 --- a/apis/custom/v1alpha1/zz_ssl_types.go +++ b/apis/custom/v1alpha1/zz_ssl_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,28 +17,69 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CustomSSLOptionsInitParameters struct { + + // Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force. + BundleMethod *string `json:"bundleMethod,omitempty" tf:"bundle_method,omitempty"` + + // Certificate certificate and the intermediate(s) + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security. + GeoRestrictions *string `json:"geoRestrictions,omitempty" tf:"geo_restrictions,omitempty"` + + // Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type CustomSSLOptionsObservation struct { + + // Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force. + BundleMethod *string `json:"bundleMethod,omitempty" tf:"bundle_method,omitempty"` + + // Certificate certificate and the intermediate(s) + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + // Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security. + GeoRestrictions *string `json:"geoRestrictions,omitempty" tf:"geo_restrictions,omitempty"` + + // Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type CustomSSLOptionsParameters struct { + // Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force. // +kubebuilder:validation:Optional BundleMethod *string `json:"bundleMethod,omitempty" tf:"bundle_method,omitempty"` + // Certificate certificate and the intermediate(s) // +kubebuilder:validation:Optional Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + // Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security. // +kubebuilder:validation:Optional GeoRestrictions *string `json:"geoRestrictions,omitempty" tf:"geo_restrictions,omitempty"` + // Certificate's private key // +kubebuilder:validation:Optional PrivateKeySecretRef *v1.SecretKeySelector `json:"privateKeySecretRef,omitempty" tf:"-"` + // Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` } +type CustomSSLPriorityInitParameters struct { + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` +} + type CustomSSLPriorityObservation struct { + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` } type CustomSSLPriorityParameters struct { @@ -46,7 +91,36 @@ type CustomSSLPriorityParameters struct { Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` } +type SSLInitParameters struct { + + // The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. + // **Modifying this attribute will force creation of a new resource.** + CustomSSLOptions []CustomSSLOptionsInitParameters `json:"customSslOptions,omitempty" tf:"custom_ssl_options,omitempty"` + + CustomSSLPriority []CustomSSLPriorityInitParameters `json:"customSslPriority,omitempty" tf:"custom_ssl_priority,omitempty"` + + // The DNS zone id to the custom ssl cert should be added. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type SSLObservation struct { + + // The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. + // **Modifying this attribute will force creation of a new resource.** + CustomSSLOptions []CustomSSLOptionsObservation `json:"customSslOptions,omitempty" tf:"custom_ssl_options,omitempty"` + + CustomSSLPriority []CustomSSLPriorityObservation `json:"customSslPriority,omitempty" tf:"custom_ssl_priority,omitempty"` + ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` Hosts []*string `json:"hosts,omitempty" tf:"hosts,omitempty"` @@ -64,10 +138,15 @@ type SSLObservation struct { Status *string `json:"status,omitempty" tf:"status,omitempty"` UploadedOn *string `json:"uploadedOn,omitempty" tf:"uploaded_on,omitempty"` + + // The DNS zone id to the custom ssl cert should be added. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type SSLParameters struct { + // The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. // **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional CustomSSLOptions []CustomSSLOptionsParameters `json:"customSslOptions,omitempty" tf:"custom_ssl_options,omitempty"` @@ -75,6 +154,7 @@ type SSLParameters struct { // +kubebuilder:validation:Optional CustomSSLPriority []CustomSSLPriorityParameters `json:"customSslPriority,omitempty" tf:"custom_ssl_priority,omitempty"` + // The DNS zone id to the custom ssl cert should be added. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -93,6 +173,17 @@ type SSLParameters struct { type SSLSpec struct { v1.ResourceSpec `json:",inline"` ForProvider SSLParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider SSLInitParameters `json:"initProvider,omitempty"` } // SSLStatus defines the observed state of SSL. @@ -102,13 +193,14 @@ type SSLStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// SSL is the Schema for the SSLs API. +// SSL is the Schema for the SSLs API. Provides a Cloudflare custom SSL resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type SSL struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/customhostname/v1alpha1/zz_generated_terraformed.go b/apis/customhostname/v1alpha1/zz_fallbackorigin_terraformed.go similarity index 55% rename from apis/customhostname/v1alpha1/zz_generated_terraformed.go rename to apis/customhostname/v1alpha1/zz_fallbackorigin_terraformed.go index b1b1d71..ca8a0be 100755 --- a/apis/customhostname/v1alpha1/zz_generated_terraformed.go +++ b/apis/customhostname/v1alpha1/zz_fallbackorigin_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,24 +11,25 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) -// GetTerraformResourceType returns Terraform resource type for this Hostname -func (mg *Hostname) GetTerraformResourceType() string { - return "cloudflare_custom_hostname" +// GetTerraformResourceType returns Terraform resource type for this FallbackOrigin +func (mg *FallbackOrigin) GetTerraformResourceType() string { + return "cloudflare_custom_hostname_fallback_origin" } -// GetConnectionDetailsMapping for this Hostname -func (tr *Hostname) GetConnectionDetailsMapping() map[string]string { +// GetConnectionDetailsMapping for this FallbackOrigin +func (tr *FallbackOrigin) GetConnectionDetailsMapping() map[string]string { return nil } -// GetObservation of this Hostname -func (tr *Hostname) GetObservation() (map[string]any, error) { +// GetObservation of this FallbackOrigin +func (tr *FallbackOrigin) GetObservation() (map[string]any, error) { o, err := json.TFParser.Marshal(tr.Status.AtProvider) if err != nil { return nil, err @@ -33,8 +38,8 @@ func (tr *Hostname) GetObservation() (map[string]any, error) { return base, json.TFParser.Unmarshal(o, &base) } -// SetObservation for this Hostname -func (tr *Hostname) SetObservation(obs map[string]any) error { +// SetObservation for this FallbackOrigin +func (tr *FallbackOrigin) SetObservation(obs map[string]any) error { p, err := json.TFParser.Marshal(obs) if err != nil { return err @@ -42,16 +47,16 @@ func (tr *Hostname) SetObservation(obs map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) } -// GetID returns ID of underlying Terraform resource of this Hostname -func (tr *Hostname) GetID() string { +// GetID returns ID of underlying Terraform resource of this FallbackOrigin +func (tr *FallbackOrigin) GetID() string { if tr.Status.AtProvider.ID == nil { return "" } return *tr.Status.AtProvider.ID } -// GetParameters of this Hostname -func (tr *Hostname) GetParameters() (map[string]any, error) { +// GetParameters of this FallbackOrigin +func (tr *FallbackOrigin) GetParameters() (map[string]any, error) { p, err := json.TFParser.Marshal(tr.Spec.ForProvider) if err != nil { return nil, err @@ -60,8 +65,8 @@ func (tr *Hostname) GetParameters() (map[string]any, error) { return base, json.TFParser.Unmarshal(p, &base) } -// SetParameters for this Hostname -func (tr *Hostname) SetParameters(params map[string]any) error { +// SetParameters for this FallbackOrigin +func (tr *FallbackOrigin) SetParameters(params map[string]any) error { p, err := json.TFParser.Marshal(params) if err != nil { return err @@ -69,78 +74,44 @@ func (tr *Hostname) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this Hostname using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Hostname) LateInitialize(attrs []byte) (bool, error) { - params := &HostnameParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Hostname) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this FallbackOrigin -func (mg *FallbackOrigin) GetTerraformResourceType() string { - return "cloudflare_custom_hostname_fallback_origin" -} - -// GetConnectionDetailsMapping for this FallbackOrigin -func (tr *FallbackOrigin) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this FallbackOrigin -func (tr *FallbackOrigin) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this FallbackOrigin +func (tr *FallbackOrigin) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this FallbackOrigin -func (tr *FallbackOrigin) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this FallbackOrigin +func (tr *FallbackOrigin) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this FallbackOrigin -func (tr *FallbackOrigin) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this FallbackOrigin -func (tr *FallbackOrigin) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this FallbackOrigin -func (tr *FallbackOrigin) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } // LateInitialize this FallbackOrigin using its observed tfState. diff --git a/apis/customhostname/v1alpha1/zz_fallbackorigin_types.go b/apis/customhostname/v1alpha1/zz_fallbackorigin_types.go index 6b86837..cdb97f4 100755 --- a/apis/customhostname/v1alpha1/zz_fallbackorigin_types.go +++ b/apis/customhostname/v1alpha1/zz_fallbackorigin_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,17 +17,46 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type FallbackOriginInitParameters struct { + + // Hostname you intend to fallback requests to. Origin must be a proxied A/AAAA/CNAME DNS record within Clouldflare. + Origin *string `json:"origin,omitempty" tf:"origin,omitempty"` + + // The DNS zone ID where the custom hostname should be assigned. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type FallbackOriginObservation struct { ID *string `json:"id,omitempty" tf:"id,omitempty"` + // Hostname you intend to fallback requests to. Origin must be a proxied A/AAAA/CNAME DNS record within Clouldflare. + Origin *string `json:"origin,omitempty" tf:"origin,omitempty"` + + // Status of the fallback origin's activation. Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // The DNS zone ID where the custom hostname should be assigned. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type FallbackOriginParameters struct { - // +kubebuilder:validation:Required - Origin *string `json:"origin" tf:"origin,omitempty"` + // Hostname you intend to fallback requests to. Origin must be a proxied A/AAAA/CNAME DNS record within Clouldflare. + // +kubebuilder:validation:Optional + Origin *string `json:"origin,omitempty" tf:"origin,omitempty"` + // The DNS zone ID where the custom hostname should be assigned. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -42,6 +75,17 @@ type FallbackOriginParameters struct { type FallbackOriginSpec struct { v1.ResourceSpec `json:",inline"` ForProvider FallbackOriginParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider FallbackOriginInitParameters `json:"initProvider,omitempty"` } // FallbackOriginStatus defines the observed state of FallbackOrigin. @@ -51,19 +95,21 @@ type FallbackOriginStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// FallbackOrigin is the Schema for the FallbackOrigins API. +// FallbackOrigin is the Schema for the FallbackOrigins API. Provides a Cloudflare custom hostname fallback origin resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type FallbackOrigin struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec FallbackOriginSpec `json:"spec"` - Status FallbackOriginStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.origin) || (has(self.initProvider) && has(self.initProvider.origin))",message="spec.forProvider.origin is a required parameter" + Spec FallbackOriginSpec `json:"spec"` + Status FallbackOriginStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/customhostname/v1alpha1/zz_generated.conversion_hubs.go b/apis/customhostname/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..9520ed6 --- /dev/null +++ b/apis/customhostname/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Hostname) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *FallbackOrigin) Hub() {} diff --git a/apis/customhostname/v1alpha1/zz_generated.deepcopy.go b/apis/customhostname/v1alpha1/zz_generated.deepcopy.go index 9f5927d..ad13fe5 100644 --- a/apis/customhostname/v1alpha1/zz_generated.deepcopy.go +++ b/apis/customhostname/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,41 @@ func (in *FallbackOrigin) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackOriginInitParameters) DeepCopyInto(out *FallbackOriginInitParameters) { + *out = *in + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackOriginInitParameters. +func (in *FallbackOriginInitParameters) DeepCopy() *FallbackOriginInitParameters { + if in == nil { + return nil + } + out := new(FallbackOriginInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FallbackOriginList) DeepCopyInto(out *FallbackOriginList) { *out = *in @@ -81,11 +115,21 @@ func (in *FallbackOriginObservation) DeepCopyInto(out *FallbackOriginObservation *out = new(string) **out = **in } + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = new(string) + **out = **in + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackOriginObservation. @@ -138,6 +182,7 @@ func (in *FallbackOriginSpec) DeepCopyInto(out *FallbackOriginSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackOriginSpec. @@ -194,6 +239,79 @@ func (in *Hostname) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HostnameInitParameters) DeepCopyInto(out *HostnameInitParameters) { + *out = *in + if in.CustomMetadata != nil { + in, out := &in.CustomMetadata, &out.CustomMetadata + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.CustomOriginServer != nil { + in, out := &in.CustomOriginServer, &out.CustomOriginServer + *out = new(string) + **out = **in + } + if in.CustomOriginSni != nil { + in, out := &in.CustomOriginSni, &out.CustomOriginSni + *out = new(string) + **out = **in + } + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = make([]SSLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WaitForSSLPendingValidation != nil { + in, out := &in.WaitForSSLPendingValidation, &out.WaitForSSLPendingValidation + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameInitParameters. +func (in *HostnameInitParameters) DeepCopy() *HostnameInitParameters { + if in == nil { + return nil + } + out := new(HostnameInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HostnameList) DeepCopyInto(out *HostnameList) { *out = *in @@ -229,6 +347,37 @@ func (in *HostnameList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { *out = *in + if in.CustomMetadata != nil { + in, out := &in.CustomMetadata, &out.CustomMetadata + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.CustomOriginServer != nil { + in, out := &in.CustomOriginServer, &out.CustomOriginServer + *out = new(string) + **out = **in + } + if in.CustomOriginSni != nil { + in, out := &in.CustomOriginSni, &out.CustomOriginSni + *out = new(string) + **out = **in + } + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -242,7 +391,8 @@ func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -257,7 +407,8 @@ func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -276,6 +427,16 @@ func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { *out = new(string) **out = **in } + if in.WaitForSSLPendingValidation != nil { + in, out := &in.WaitForSSLPendingValidation, &out.WaitForSSLPendingValidation + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameObservation. @@ -299,7 +460,8 @@ func (in *HostnameParameters) DeepCopyInto(out *HostnameParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -365,6 +527,7 @@ func (in *HostnameSpec) DeepCopyInto(out *HostnameSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameSpec. @@ -394,14 +557,98 @@ func (in *HostnameStatus) DeepCopy() *HostnameStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SSLInitParameters) DeepCopyInto(out *SSLInitParameters) { + *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.CustomCertificate != nil { + in, out := &in.CustomCertificate, &out.CustomCertificate + *out = new(string) + **out = **in + } + if in.CustomKey != nil { + in, out := &in.CustomKey, &out.CustomKey + *out = new(string) + **out = **in + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(string) + **out = **in + } + if in.Settings != nil { + in, out := &in.Settings, &out.Settings + *out = make([]SettingsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Wildcard != nil { + in, out := &in.Wildcard, &out.Wildcard + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLInitParameters. +func (in *SSLInitParameters) DeepCopy() *SSLInitParameters { + if in == nil { + return nil + } + out := new(SSLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SSLObservation) DeepCopyInto(out *SSLObservation) { *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.CustomCertificate != nil { + in, out := &in.CustomCertificate, &out.CustomCertificate + *out = new(string) + **out = **in + } + if in.CustomKey != nil { + in, out := &in.CustomKey, &out.CustomKey + *out = new(string) + **out = **in + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(string) + **out = **in + } + if in.Settings != nil { + in, out := &in.Settings, &out.Settings + *out = make([]SettingsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) **out = **in } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } if in.ValidationErrors != nil { in, out := &in.ValidationErrors, &out.ValidationErrors *out = make([]ValidationErrorsObservation, len(*in)) @@ -416,6 +663,11 @@ func (in *SSLObservation) DeepCopyInto(out *SSLObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Wildcard != nil { + in, out := &in.Wildcard, &out.Wildcard + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLObservation. @@ -480,9 +732,86 @@ func (in *SSLParameters) DeepCopy() *SSLParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SettingsInitParameters) DeepCopyInto(out *SettingsInitParameters) { + *out = *in + if in.Ciphers != nil { + in, out := &in.Ciphers, &out.Ciphers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EarlyHints != nil { + in, out := &in.EarlyHints, &out.EarlyHints + *out = new(string) + **out = **in + } + if in.Http2 != nil { + in, out := &in.Http2, &out.Http2 + *out = new(string) + **out = **in + } + if in.MinTLSVersion != nil { + in, out := &in.MinTLSVersion, &out.MinTLSVersion + *out = new(string) + **out = **in + } + if in.Tls13 != nil { + in, out := &in.Tls13, &out.Tls13 + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsInitParameters. +func (in *SettingsInitParameters) DeepCopy() *SettingsInitParameters { + if in == nil { + return nil + } + out := new(SettingsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { *out = *in + if in.Ciphers != nil { + in, out := &in.Ciphers, &out.Ciphers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EarlyHints != nil { + in, out := &in.EarlyHints, &out.EarlyHints + *out = new(string) + **out = **in + } + if in.Http2 != nil { + in, out := &in.Http2, &out.Http2 + *out = new(string) + **out = **in + } + if in.MinTLSVersion != nil { + in, out := &in.MinTLSVersion, &out.MinTLSVersion + *out = new(string) + **out = **in + } + if in.Tls13 != nil { + in, out := &in.Tls13, &out.Tls13 + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsObservation. @@ -541,6 +870,21 @@ func (in *SettingsParameters) DeepCopy() *SettingsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValidationErrorsInitParameters) DeepCopyInto(out *ValidationErrorsInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationErrorsInitParameters. +func (in *ValidationErrorsInitParameters) DeepCopy() *ValidationErrorsInitParameters { + if in == nil { + return nil + } + out := new(ValidationErrorsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValidationErrorsObservation) DeepCopyInto(out *ValidationErrorsObservation) { *out = *in @@ -576,6 +920,21 @@ func (in *ValidationErrorsParameters) DeepCopy() *ValidationErrorsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValidationRecordsInitParameters) DeepCopyInto(out *ValidationRecordsInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationRecordsInitParameters. +func (in *ValidationRecordsInitParameters) DeepCopy() *ValidationRecordsInitParameters { + if in == nil { + return nil + } + out := new(ValidationRecordsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValidationRecordsObservation) DeepCopyInto(out *ValidationRecordsObservation) { *out = *in diff --git a/apis/customhostname/v1alpha1/zz_generated.managed.go b/apis/customhostname/v1alpha1/zz_generated.managed.go index bedff81..8bc3998 100644 --- a/apis/customhostname/v1alpha1/zz_generated.managed.go +++ b/apis/customhostname/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *FallbackOrigin) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this FallbackOrigin. +func (mg *FallbackOrigin) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this FallbackOrigin. func (mg *FallbackOrigin) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this FallbackOrigin. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *FallbackOrigin) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this FallbackOrigin. func (mg *FallbackOrigin) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *FallbackOrigin) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this FallbackOrigin. +func (mg *FallbackOrigin) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this FallbackOrigin. func (mg *FallbackOrigin) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this FallbackOrigin. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *FallbackOrigin) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this FallbackOrigin. func (mg *FallbackOrigin) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Hostname) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Hostname. +func (mg *Hostname) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Hostname. func (mg *Hostname) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Hostname. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Hostname) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Hostname. func (mg *Hostname) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Hostname) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Hostname. +func (mg *Hostname) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Hostname. func (mg *Hostname) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Hostname. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Hostname) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Hostname. func (mg *Hostname) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/customhostname/v1alpha1/zz_generated.resolvers.go b/apis/customhostname/v1alpha1/zz_generated.resolvers.go index 207574d..a6beb75 100644 --- a/apis/customhostname/v1alpha1/zz_generated.resolvers.go +++ b/apis/customhostname/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *FallbackOrigin) ResolveReferences(ctx context.Context, c client.Reader mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -62,5 +78,21 @@ func (mg *Hostname) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/customhostname/v1alpha1/zz_groupversion_info.go b/apis/customhostname/v1alpha1/zz_groupversion_info.go index 0f09d2b..d0f404e 100755 --- a/apis/customhostname/v1alpha1/zz_groupversion_info.go +++ b/apis/customhostname/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/customhostname/v1alpha1/zz_hostname_terraformed.go b/apis/customhostname/v1alpha1/zz_hostname_terraformed.go new file mode 100755 index 0000000..92b1dc5 --- /dev/null +++ b/apis/customhostname/v1alpha1/zz_hostname_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Hostname +func (mg *Hostname) GetTerraformResourceType() string { + return "cloudflare_custom_hostname" +} + +// GetConnectionDetailsMapping for this Hostname +func (tr *Hostname) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Hostname +func (tr *Hostname) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Hostname +func (tr *Hostname) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Hostname +func (tr *Hostname) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Hostname +func (tr *Hostname) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Hostname +func (tr *Hostname) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Hostname +func (tr *Hostname) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Hostname +func (tr *Hostname) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Hostname using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Hostname) LateInitialize(attrs []byte) (bool, error) { + params := &HostnameParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Hostname) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/customhostname/v1alpha1/zz_hostname_types.go b/apis/customhostname/v1alpha1/zz_hostname_types.go index 91c95f8..9882c7e 100755 --- a/apis/customhostname/v1alpha1/zz_hostname_types.go +++ b/apis/customhostname/v1alpha1/zz_hostname_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,47 +17,128 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type HostnameInitParameters struct { + + // (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + // Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + // +mapType=granular + CustomMetadata map[string]*string `json:"customMetadata,omitempty" tf:"custom_metadata,omitempty"` + + // (String) The custom origin server used for certificates. + // The custom origin server used for certificates. + CustomOriginServer *string `json:"customOriginServer,omitempty" tf:"custom_origin_server,omitempty"` + + // (String) The custom origin SNI used for certificates. + // The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. + CustomOriginSni *string `json:"customOriginSni,omitempty" tf:"custom_origin_sni,omitempty"` + + // (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + // Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + + // (Block List) SSL configuration of the certificate. (see below for nested schema) + // SSL configuration of the certificate. + SSL []SSLInitParameters `json:"ssl,omitempty" tf:"ssl,omitempty"` + + // object to reach status pending_validation during creation. Defaults to false. + // Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. + WaitForSSLPendingValidation *bool `json:"waitForSslPendingValidation,omitempty" tf:"wait_for_ssl_pending_validation,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type HostnameObservation struct { + + // (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + // Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + // +mapType=granular + CustomMetadata map[string]*string `json:"customMetadata,omitempty" tf:"custom_metadata,omitempty"` + + // (String) The custom origin server used for certificates. + // The custom origin server used for certificates. + CustomOriginServer *string `json:"customOriginServer,omitempty" tf:"custom_origin_server,omitempty"` + + // (String) The custom origin SNI used for certificates. + // The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. + CustomOriginSni *string `json:"customOriginSni,omitempty" tf:"custom_origin_sni,omitempty"` + + // (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + // Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Map of String) + // +mapType=granular OwnershipVerification map[string]*string `json:"ownershipVerification,omitempty" tf:"ownership_verification,omitempty"` + // (Map of String) + // +mapType=granular OwnershipVerificationHTTP map[string]*string `json:"ownershipVerificationHttp,omitempty" tf:"ownership_verification_http,omitempty"` + // (Block List) SSL configuration of the certificate. (see below for nested schema) // SSL configuration of the certificate. - // +kubebuilder:validation:Optional SSL []SSLObservation `json:"ssl,omitempty" tf:"ssl,omitempty"` + // (String) Status of the certificate. // Status of the certificate. Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // object to reach status pending_validation during creation. Defaults to false. + // Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. + WaitForSSLPendingValidation *bool `json:"waitForSslPendingValidation,omitempty" tf:"wait_for_ssl_pending_validation,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type HostnameParameters struct { + // (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. // Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. // +kubebuilder:validation:Optional + // +mapType=granular CustomMetadata map[string]*string `json:"customMetadata,omitempty" tf:"custom_metadata,omitempty"` + // (String) The custom origin server used for certificates. // The custom origin server used for certificates. // +kubebuilder:validation:Optional CustomOriginServer *string `json:"customOriginServer,omitempty" tf:"custom_origin_server,omitempty"` + // (String) The custom origin SNI used for certificates. // The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. // +kubebuilder:validation:Optional CustomOriginSni *string `json:"customOriginSni,omitempty" tf:"custom_origin_sni,omitempty"` + // (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. // Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Hostname *string `json:"hostname" tf:"hostname,omitempty"` + // +kubebuilder:validation:Optional + Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + // (Block List) SSL configuration of the certificate. (see below for nested schema) // SSL configuration of the certificate. // +kubebuilder:validation:Optional SSL []SSLParameters `json:"ssl,omitempty" tf:"ssl,omitempty"` + // object to reach status pending_validation during creation. Defaults to false. // Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. // +kubebuilder:validation:Optional WaitForSSLPendingValidation *bool `json:"waitForSslPendingValidation,omitempty" tf:"wait_for_ssl_pending_validation,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -68,90 +153,225 @@ type HostnameParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type SSLInitParameters struct { + + // (String) + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (String) If a custom uploaded certificate is used. + // If a custom uploaded certificate is used. + CustomCertificate *string `json:"customCertificate,omitempty" tf:"custom_certificate,omitempty"` + + // (String) The key for a custom uploaded certificate. + // The key for a custom uploaded certificate. + CustomKey *string `json:"customKey,omitempty" tf:"custom_key,omitempty"` + + // (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. + // Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + // SSL/TLS settings for the certificate. + Settings []SettingsInitParameters `json:"settings,omitempty" tf:"settings,omitempty"` + + // (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. + // Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (Boolean) Indicates whether the certificate covers a wildcard. + // Indicates whether the certificate covers a wildcard. + Wildcard *bool `json:"wildcard,omitempty" tf:"wildcard,omitempty"` +} + type SSLObservation struct { + + // (String) + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (String) If a custom uploaded certificate is used. + // If a custom uploaded certificate is used. + CustomCertificate *string `json:"customCertificate,omitempty" tf:"custom_certificate,omitempty"` + + // (String) The key for a custom uploaded certificate. + // The key for a custom uploaded certificate. + CustomKey *string `json:"customKey,omitempty" tf:"custom_key,omitempty"` + + // (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. + // Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + // SSL/TLS settings for the certificate. + Settings []SettingsObservation `json:"settings,omitempty" tf:"settings,omitempty"` + + // (String) Status of the certificate. Status *string `json:"status,omitempty" tf:"status,omitempty"` + // (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. + // Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of Object) (see below for nested schema) ValidationErrors []ValidationErrorsObservation `json:"validationErrors,omitempty" tf:"validation_errors,omitempty"` + // (List of Object) (see below for nested schema) ValidationRecords []ValidationRecordsObservation `json:"validationRecords,omitempty" tf:"validation_records,omitempty"` + + // (Boolean) Indicates whether the certificate covers a wildcard. + // Indicates whether the certificate covers a wildcard. + Wildcard *bool `json:"wildcard,omitempty" tf:"wildcard,omitempty"` } type SSLParameters struct { + // (String) // +kubebuilder:validation:Optional CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + // (String) If a custom uploaded certificate is used. // If a custom uploaded certificate is used. // +kubebuilder:validation:Optional CustomCertificate *string `json:"customCertificate,omitempty" tf:"custom_certificate,omitempty"` + // (String) The key for a custom uploaded certificate. // The key for a custom uploaded certificate. // +kubebuilder:validation:Optional CustomKey *string `json:"customKey,omitempty" tf:"custom_key,omitempty"` + // (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. // Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. // +kubebuilder:validation:Optional Method *string `json:"method,omitempty" tf:"method,omitempty"` + // (Block List) SSL/TLS settings for the certificate. (see below for nested schema) // SSL/TLS settings for the certificate. // +kubebuilder:validation:Optional Settings []SettingsParameters `json:"settings,omitempty" tf:"settings,omitempty"` + // (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. // Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (Boolean) Indicates whether the certificate covers a wildcard. // Indicates whether the certificate covers a wildcard. // +kubebuilder:validation:Optional Wildcard *bool `json:"wildcard,omitempty" tf:"wildcard,omitempty"` } +type SettingsInitParameters struct { + + // (Set of String) List of SSL/TLS ciphers to associate with this certificate. + // List of SSL/TLS ciphers to associate with this certificate. + // +listType=set + Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + + // (String) Whether early hints should be supported. Available values: on, off. + // Whether early hints should be supported. Available values: `on`, `off`. + EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + + // (String) Whether HTTP2 should be supported. Available values: on, off. + // Whether HTTP2 should be supported. Available values: `on`, `off`. + Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + + // (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. + // Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. + MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` + + // (String) Whether TLSv1.3 should be supported. Available values: on, off. + // Whether TLSv1.3 should be supported. Available values: `on`, `off`. + Tls13 *string `json:"tls13,omitempty" tf:"tls13,omitempty"` +} + type SettingsObservation struct { + + // (Set of String) List of SSL/TLS ciphers to associate with this certificate. + // List of SSL/TLS ciphers to associate with this certificate. + // +listType=set + Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + + // (String) Whether early hints should be supported. Available values: on, off. + // Whether early hints should be supported. Available values: `on`, `off`. + EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + + // (String) Whether HTTP2 should be supported. Available values: on, off. + // Whether HTTP2 should be supported. Available values: `on`, `off`. + Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + + // (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. + // Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. + MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` + + // (String) Whether TLSv1.3 should be supported. Available values: on, off. + // Whether TLSv1.3 should be supported. Available values: `on`, `off`. + Tls13 *string `json:"tls13,omitempty" tf:"tls13,omitempty"` } type SettingsParameters struct { + // (Set of String) List of SSL/TLS ciphers to associate with this certificate. // List of SSL/TLS ciphers to associate with this certificate. // +kubebuilder:validation:Optional + // +listType=set Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + // (String) Whether early hints should be supported. Available values: on, off. // Whether early hints should be supported. Available values: `on`, `off`. // +kubebuilder:validation:Optional EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + // (String) Whether HTTP2 should be supported. Available values: on, off. // Whether HTTP2 should be supported. Available values: `on`, `off`. // +kubebuilder:validation:Optional Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + // (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. // Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. // +kubebuilder:validation:Optional MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` + // (String) Whether TLSv1.3 should be supported. Available values: on, off. // Whether TLSv1.3 should be supported. Available values: `on`, `off`. // +kubebuilder:validation:Optional Tls13 *string `json:"tls13,omitempty" tf:"tls13,omitempty"` } +type ValidationErrorsInitParameters struct { +} + type ValidationErrorsObservation struct { + + // (String) Message *string `json:"message,omitempty" tf:"message,omitempty"` } type ValidationErrorsParameters struct { } +type ValidationRecordsInitParameters struct { +} + type ValidationRecordsObservation struct { + + // (String) CnameName *string `json:"cnameName,omitempty" tf:"cname_name,omitempty"` + // (String) CnameTarget *string `json:"cnameTarget,omitempty" tf:"cname_target,omitempty"` + // (List of String) Emails []*string `json:"emails,omitempty" tf:"emails,omitempty"` + // (String) HTTPBody *string `json:"httpBody,omitempty" tf:"http_body,omitempty"` + // (String) HTTPURL *string `json:"httpUrl,omitempty" tf:"http_url,omitempty"` + // (String) TxtName *string `json:"txtName,omitempty" tf:"txt_name,omitempty"` + // (String) TxtValue *string `json:"txtValue,omitempty" tf:"txt_value,omitempty"` } @@ -162,6 +382,17 @@ type ValidationRecordsParameters struct { type HostnameSpec struct { v1.ResourceSpec `json:",inline"` ForProvider HostnameParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider HostnameInitParameters `json:"initProvider,omitempty"` } // HostnameStatus defines the observed state of Hostname. @@ -171,19 +402,21 @@ type HostnameStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Hostname is the Schema for the Hostnames API. +// Hostname is the Schema for the Hostnames API. Provides a Cloudflare custom hostname (also known as SSL for SaaS) resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Hostname struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec HostnameSpec `json:"spec"` - Status HostnameStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.hostname) || (has(self.initProvider) && has(self.initProvider.hostname))",message="spec.forProvider.hostname is a required parameter" + Spec HostnameSpec `json:"spec"` + Status HostnameStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/dlp/v1alpha1/zz_generated.conversion_hubs.go b/apis/dlp/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..d179420 --- /dev/null +++ b/apis/dlp/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Profile) Hub() {} diff --git a/apis/dlp/v1alpha1/zz_generated.deepcopy.go b/apis/dlp/v1alpha1/zz_generated.deepcopy.go index d1a9502..3d76659 100644 --- a/apis/dlp/v1alpha1/zz_generated.deepcopy.go +++ b/apis/dlp/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,68 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EntryInitParameters) DeepCopyInto(out *EntryInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Pattern != nil { + in, out := &in.Pattern, &out.Pattern + *out = make([]PatternInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EntryInitParameters. +func (in *EntryInitParameters) DeepCopy() *EntryInitParameters { + if in == nil { + return nil + } + out := new(EntryInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EntryObservation) DeepCopyInto(out *EntryObservation) { *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Pattern != nil { + in, out := &in.Pattern, &out.Pattern + *out = make([]PatternObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EntryObservation. @@ -66,9 +124,44 @@ func (in *EntryParameters) DeepCopy() *EntryParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PatternInitParameters) DeepCopyInto(out *PatternInitParameters) { + *out = *in + if in.Regex != nil { + in, out := &in.Regex, &out.Regex + *out = new(string) + **out = **in + } + if in.Validation != nil { + in, out := &in.Validation, &out.Validation + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PatternInitParameters. +func (in *PatternInitParameters) DeepCopy() *PatternInitParameters { + if in == nil { + return nil + } + out := new(PatternInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PatternObservation) DeepCopyInto(out *PatternObservation) { *out = *in + if in.Regex != nil { + in, out := &in.Regex, &out.Regex + *out = new(string) + **out = **in + } + if in.Validation != nil { + in, out := &in.Validation, &out.Validation + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PatternObservation. @@ -133,6 +226,58 @@ func (in *Profile) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProfileInitParameters) DeepCopyInto(out *ProfileInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Entry != nil { + in, out := &in.Entry, &out.Entry + *out = make([]EntryInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProfileInitParameters. +func (in *ProfileInitParameters) DeepCopy() *ProfileInitParameters { + if in == nil { + return nil + } + out := new(ProfileInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProfileList) DeepCopyInto(out *ProfileList) { *out = *in @@ -168,11 +313,38 @@ func (in *ProfileList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProfileObservation) DeepCopyInto(out *ProfileObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Entry != nil { + in, out := &in.Entry, &out.Entry + *out = make([]EntryObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProfileObservation. @@ -242,6 +414,7 @@ func (in *ProfileSpec) DeepCopyInto(out *ProfileSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProfileSpec. diff --git a/apis/dlp/v1alpha1/zz_generated.managed.go b/apis/dlp/v1alpha1/zz_generated.managed.go index a7809a7..305835c 100644 --- a/apis/dlp/v1alpha1/zz_generated.managed.go +++ b/apis/dlp/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Profile) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Profile. +func (mg *Profile) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Profile. func (mg *Profile) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Profile. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Profile) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Profile. func (mg *Profile) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Profile) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Profile. +func (mg *Profile) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Profile. func (mg *Profile) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Profile. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Profile) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Profile. func (mg *Profile) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/dlp/v1alpha1/zz_generated.resolvers.go b/apis/dlp/v1alpha1/zz_generated.resolvers.go index d7d6b36..5237faa 100644 --- a/apis/dlp/v1alpha1/zz_generated.resolvers.go +++ b/apis/dlp/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Profile) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/dlp/v1alpha1/zz_groupversion_info.go b/apis/dlp/v1alpha1/zz_groupversion_info.go index 4392082..e7983f7 100755 --- a/apis/dlp/v1alpha1/zz_groupversion_info.go +++ b/apis/dlp/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/dlp/v1alpha1/zz_generated_terraformed.go b/apis/dlp/v1alpha1/zz_profile_terraformed.go similarity index 60% rename from apis/dlp/v1alpha1/zz_generated_terraformed.go rename to apis/dlp/v1alpha1/zz_profile_terraformed.go index 54b9286..999105f 100755 --- a/apis/dlp/v1alpha1/zz_generated_terraformed.go +++ b/apis/dlp/v1alpha1/zz_profile_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Profile @@ -69,6 +74,46 @@ func (tr *Profile) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Profile +func (tr *Profile) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Profile +func (tr *Profile) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Profile using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Profile) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/dlp/v1alpha1/zz_profile_types.go b/apis/dlp/v1alpha1/zz_profile_types.go index f713574..f747ebb 100755 --- a/apis/dlp/v1alpha1/zz_profile_types.go +++ b/apis/dlp/v1alpha1/zz_profile_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,47 +17,160 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type EntryInitParameters struct { + + // (Boolean) Whether the entry is active. Defaults to false. + // Whether the entry is active. Defaults to `false`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique entry identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. + // Name of the entry to deploy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + Pattern []PatternInitParameters `json:"pattern,omitempty" tf:"pattern,omitempty"` +} + type EntryObservation struct { + + // (Boolean) Whether the entry is active. Defaults to false. + // Whether the entry is active. Defaults to `false`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique entry identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. + // Name of the entry to deploy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List, Max: 1) (see below for nested schema) + Pattern []PatternObservation `json:"pattern,omitempty" tf:"pattern,omitempty"` } type EntryParameters struct { + // (Boolean) Whether the entry is active. Defaults to false. // Whether the entry is active. Defaults to `false`. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (String) The ID of this resource. // Unique entry identifier. // +kubebuilder:validation:Optional ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. // Name of the entry to deploy. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (Block List, Max: 1) (see below for nested schema) // +kubebuilder:validation:Optional Pattern []PatternParameters `json:"pattern,omitempty" tf:"pattern,omitempty"` } +type PatternInitParameters struct { + + // (String) The regex that defines the pattern. + // The regex that defines the pattern. + Regex *string `json:"regex,omitempty" tf:"regex,omitempty"` + + // (String) The validation algorithm to apply with this pattern. + // The validation algorithm to apply with this pattern. + Validation *string `json:"validation,omitempty" tf:"validation,omitempty"` +} + type PatternObservation struct { + + // (String) The regex that defines the pattern. + // The regex that defines the pattern. + Regex *string `json:"regex,omitempty" tf:"regex,omitempty"` + + // (String) The validation algorithm to apply with this pattern. + // The validation algorithm to apply with this pattern. + Validation *string `json:"validation,omitempty" tf:"validation,omitempty"` } type PatternParameters struct { + // (String) The regex that defines the pattern. // The regex that defines the pattern. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Regex *string `json:"regex" tf:"regex,omitempty"` + // (String) The validation algorithm to apply with this pattern. // The validation algorithm to apply with this pattern. // +kubebuilder:validation:Optional Validation *string `json:"validation,omitempty" tf:"validation,omitempty"` } +type ProfileInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Brief summary of the profile and its intended use. + // Brief summary of the profile and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) + // List of entries to apply to the profile. + Entry []EntryInitParameters `json:"entry,omitempty" tf:"entry,omitempty"` + + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. + // Name of the profile. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. + // The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type ProfileObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Brief summary of the profile and its intended use. + // Brief summary of the profile and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) + // List of entries to apply to the profile. + Entry []EntryObservation `json:"entry,omitempty" tf:"entry,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. + // Name of the profile. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. + // The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type ProfileParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -67,27 +184,42 @@ type ProfileParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Brief summary of the profile and its intended use. // Brief summary of the profile and its intended use. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) // List of entries to apply to the profile. - // +kubebuilder:validation:Required - Entry []EntryParameters `json:"entry" tf:"entry,omitempty"` + // +kubebuilder:validation:Optional + Entry []EntryParameters `json:"entry,omitempty" tf:"entry,omitempty"` + // (String) Name of the profile. Modifying this attribute will force creation of a new resource. // Name of the profile. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. // The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` } // ProfileSpec defines the desired state of Profile type ProfileSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ProfileParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ProfileInitParameters `json:"initProvider,omitempty"` } // ProfileStatus defines the observed state of Profile. @@ -97,19 +229,23 @@ type ProfileStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Profile is the Schema for the Profiles API. +// Profile is the Schema for the Profiles API. Provides a Cloudflare DLP Profile resource. Data Loss Prevention profiles are a set of entries that can be matched in HTTP bodies or files. They are referenced in Zero Trust Gateway rules. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Profile struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ProfileSpec `json:"spec"` - Status ProfileStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.entry) || (has(self.initProvider) && has(self.initProvider.entry))",message="spec.forProvider.entry is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec ProfileSpec `json:"spec"` + Status ProfileStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/dns/v1alpha1/zz_generated.conversion_hubs.go b/apis/dns/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..5f86834 --- /dev/null +++ b/apis/dns/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Record) Hub() {} diff --git a/apis/dns/v1alpha1/zz_generated.deepcopy.go b/apis/dns/v1alpha1/zz_generated.deepcopy.go index 67c34b4..a6b6bc4 100644 --- a/apis/dns/v1alpha1/zz_generated.deepcopy.go +++ b/apis/dns/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,414 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DataInitParameters) DeepCopyInto(out *DataInitParameters) { + *out = *in + if in.Algorithm != nil { + in, out := &in.Algorithm, &out.Algorithm + *out = new(float64) + **out = **in + } + if in.Altitude != nil { + in, out := &in.Altitude, &out.Altitude + *out = new(float64) + **out = **in + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.Digest != nil { + in, out := &in.Digest, &out.Digest + *out = new(string) + **out = **in + } + if in.DigestType != nil { + in, out := &in.DigestType, &out.DigestType + *out = new(float64) + **out = **in + } + if in.Fingerprint != nil { + in, out := &in.Fingerprint, &out.Fingerprint + *out = new(string) + **out = **in + } + if in.Flags != nil { + in, out := &in.Flags, &out.Flags + *out = new(string) + **out = **in + } + if in.KeyTag != nil { + in, out := &in.KeyTag, &out.KeyTag + *out = new(float64) + **out = **in + } + if in.LatDegrees != nil { + in, out := &in.LatDegrees, &out.LatDegrees + *out = new(float64) + **out = **in + } + if in.LatDirection != nil { + in, out := &in.LatDirection, &out.LatDirection + *out = new(string) + **out = **in + } + if in.LatMinutes != nil { + in, out := &in.LatMinutes, &out.LatMinutes + *out = new(float64) + **out = **in + } + if in.LatSeconds != nil { + in, out := &in.LatSeconds, &out.LatSeconds + *out = new(float64) + **out = **in + } + if in.LongDegrees != nil { + in, out := &in.LongDegrees, &out.LongDegrees + *out = new(float64) + **out = **in + } + if in.LongDirection != nil { + in, out := &in.LongDirection, &out.LongDirection + *out = new(string) + **out = **in + } + if in.LongMinutes != nil { + in, out := &in.LongMinutes, &out.LongMinutes + *out = new(float64) + **out = **in + } + if in.LongSeconds != nil { + in, out := &in.LongSeconds, &out.LongSeconds + *out = new(float64) + **out = **in + } + if in.MatchingType != nil { + in, out := &in.MatchingType, &out.MatchingType + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Order != nil { + in, out := &in.Order, &out.Order + *out = new(float64) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } + if in.PrecisionHorz != nil { + in, out := &in.PrecisionHorz, &out.PrecisionHorz + *out = new(float64) + **out = **in + } + if in.PrecisionVert != nil { + in, out := &in.PrecisionVert, &out.PrecisionVert + *out = new(float64) + **out = **in + } + if in.Preference != nil { + in, out := &in.Preference, &out.Preference + *out = new(float64) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Proto != nil { + in, out := &in.Proto, &out.Proto + *out = new(string) + **out = **in + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(float64) + **out = **in + } + if in.PublicKey != nil { + in, out := &in.PublicKey, &out.PublicKey + *out = new(string) + **out = **in + } + if in.Regex != nil { + in, out := &in.Regex, &out.Regex + *out = new(string) + **out = **in + } + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + if in.Selector != nil { + in, out := &in.Selector, &out.Selector + *out = new(float64) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } + if in.Size != nil { + in, out := &in.Size, &out.Size + *out = new(float64) + **out = **in + } + if in.Tag != nil { + in, out := &in.Tag, &out.Tag + *out = new(string) + **out = **in + } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(float64) + **out = **in + } + if in.Usage != nil { + in, out := &in.Usage, &out.Usage + *out = new(float64) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataInitParameters. +func (in *DataInitParameters) DeepCopy() *DataInitParameters { + if in == nil { + return nil + } + out := new(DataInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DataObservation) DeepCopyInto(out *DataObservation) { *out = *in + if in.Algorithm != nil { + in, out := &in.Algorithm, &out.Algorithm + *out = new(float64) + **out = **in + } + if in.Altitude != nil { + in, out := &in.Altitude, &out.Altitude + *out = new(float64) + **out = **in + } + if in.Certificate != nil { + in, out := &in.Certificate, &out.Certificate + *out = new(string) + **out = **in + } + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.Digest != nil { + in, out := &in.Digest, &out.Digest + *out = new(string) + **out = **in + } + if in.DigestType != nil { + in, out := &in.DigestType, &out.DigestType + *out = new(float64) + **out = **in + } + if in.Fingerprint != nil { + in, out := &in.Fingerprint, &out.Fingerprint + *out = new(string) + **out = **in + } + if in.Flags != nil { + in, out := &in.Flags, &out.Flags + *out = new(string) + **out = **in + } + if in.KeyTag != nil { + in, out := &in.KeyTag, &out.KeyTag + *out = new(float64) + **out = **in + } + if in.LatDegrees != nil { + in, out := &in.LatDegrees, &out.LatDegrees + *out = new(float64) + **out = **in + } + if in.LatDirection != nil { + in, out := &in.LatDirection, &out.LatDirection + *out = new(string) + **out = **in + } + if in.LatMinutes != nil { + in, out := &in.LatMinutes, &out.LatMinutes + *out = new(float64) + **out = **in + } + if in.LatSeconds != nil { + in, out := &in.LatSeconds, &out.LatSeconds + *out = new(float64) + **out = **in + } + if in.LongDegrees != nil { + in, out := &in.LongDegrees, &out.LongDegrees + *out = new(float64) + **out = **in + } + if in.LongDirection != nil { + in, out := &in.LongDirection, &out.LongDirection + *out = new(string) + **out = **in + } + if in.LongMinutes != nil { + in, out := &in.LongMinutes, &out.LongMinutes + *out = new(float64) + **out = **in + } + if in.LongSeconds != nil { + in, out := &in.LongSeconds, &out.LongSeconds + *out = new(float64) + **out = **in + } + if in.MatchingType != nil { + in, out := &in.MatchingType, &out.MatchingType + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Order != nil { + in, out := &in.Order, &out.Order + *out = new(float64) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } + if in.PrecisionHorz != nil { + in, out := &in.PrecisionHorz, &out.PrecisionHorz + *out = new(float64) + **out = **in + } + if in.PrecisionVert != nil { + in, out := &in.PrecisionVert, &out.PrecisionVert + *out = new(float64) + **out = **in + } + if in.Preference != nil { + in, out := &in.Preference, &out.Preference + *out = new(float64) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Proto != nil { + in, out := &in.Proto, &out.Proto + *out = new(string) + **out = **in + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(float64) + **out = **in + } + if in.PublicKey != nil { + in, out := &in.PublicKey, &out.PublicKey + *out = new(string) + **out = **in + } + if in.Regex != nil { + in, out := &in.Regex, &out.Regex + *out = new(string) + **out = **in + } + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + if in.Selector != nil { + in, out := &in.Selector, &out.Selector + *out = new(float64) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } + if in.Size != nil { + in, out := &in.Size, &out.Size + *out = new(float64) + **out = **in + } + if in.Tag != nil { + in, out := &in.Tag, &out.Tag + *out = new(string) + **out = **in + } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(float64) + **out = **in + } + if in.Usage != nil { + in, out := &in.Usage, &out.Usage + *out = new(float64) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataObservation. @@ -266,6 +670,78 @@ func (in *Record) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RecordInitParameters) DeepCopyInto(out *RecordInitParameters) { + *out = *in + if in.AllowOverwrite != nil { + in, out := &in.AllowOverwrite, &out.AllowOverwrite + *out = new(bool) + **out = **in + } + if in.Data != nil { + in, out := &in.Data, &out.Data + *out = make([]DataInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Proxied != nil { + in, out := &in.Proxied, &out.Proxied + *out = new(bool) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecordInitParameters. +func (in *RecordInitParameters) DeepCopy() *RecordInitParameters { + if in == nil { + return nil + } + out := new(RecordInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RecordList) DeepCopyInto(out *RecordList) { *out = *in @@ -301,11 +777,23 @@ func (in *RecordList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RecordObservation) DeepCopyInto(out *RecordObservation) { *out = *in + if in.AllowOverwrite != nil { + in, out := &in.AllowOverwrite, &out.AllowOverwrite + *out = new(bool) + **out = **in + } if in.CreatedOn != nil { in, out := &in.CreatedOn, &out.CreatedOn *out = new(string) **out = **in } + if in.Data != nil { + in, out := &in.Data, &out.Data + *out = make([]DataObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Hostname != nil { in, out := &in.Hostname, &out.Hostname *out = new(string) @@ -324,7 +812,8 @@ func (in *RecordObservation) DeepCopyInto(out *RecordObservation) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -336,11 +825,46 @@ func (in *RecordObservation) DeepCopyInto(out *RecordObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } if in.Proxiable != nil { in, out := &in.Proxiable, &out.Proxiable *out = new(bool) **out = **in } + if in.Proxied != nil { + in, out := &in.Proxied, &out.Proxied + *out = new(bool) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecordObservation. @@ -430,6 +954,7 @@ func (in *RecordSpec) DeepCopyInto(out *RecordSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecordSpec. diff --git a/apis/dns/v1alpha1/zz_generated.managed.go b/apis/dns/v1alpha1/zz_generated.managed.go index f346de9..3729793 100644 --- a/apis/dns/v1alpha1/zz_generated.managed.go +++ b/apis/dns/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Record) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Record. +func (mg *Record) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Record. func (mg *Record) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Record. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Record) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Record. func (mg *Record) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Record) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Record. +func (mg *Record) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Record. func (mg *Record) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Record. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Record) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Record. func (mg *Record) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/dns/v1alpha1/zz_generated.resolvers.go b/apis/dns/v1alpha1/zz_generated.resolvers.go index 55f20c4..0c788f1 100644 --- a/apis/dns/v1alpha1/zz_generated.resolvers.go +++ b/apis/dns/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Record) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/dns/v1alpha1/zz_groupversion_info.go b/apis/dns/v1alpha1/zz_groupversion_info.go index 1bc16d5..2caecf6 100755 --- a/apis/dns/v1alpha1/zz_groupversion_info.go +++ b/apis/dns/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/dns/v1alpha1/zz_generated_terraformed.go b/apis/dns/v1alpha1/zz_record_terraformed.go similarity index 61% rename from apis/dns/v1alpha1/zz_generated_terraformed.go rename to apis/dns/v1alpha1/zz_record_terraformed.go index 41684db..7baad1a 100755 --- a/apis/dns/v1alpha1/zz_generated_terraformed.go +++ b/apis/dns/v1alpha1/zz_record_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Record @@ -69,6 +74,46 @@ func (tr *Record) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Record +func (tr *Record) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Record +func (tr *Record) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Record using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Record) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/dns/v1alpha1/zz_record_types.go b/apis/dns/v1alpha1/zz_record_types.go index 0ef9924..eff1793 100755 --- a/apis/dns/v1alpha1/zz_record_types.go +++ b/apis/dns/v1alpha1/zz_record_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,7 +17,176 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DataInitParameters struct { + Algorithm *float64 `json:"algorithm,omitempty" tf:"algorithm,omitempty"` + + Altitude *float64 `json:"altitude,omitempty" tf:"altitude,omitempty"` + + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + Digest *string `json:"digest,omitempty" tf:"digest,omitempty"` + + // The type of the record + DigestType *float64 `json:"digestType,omitempty" tf:"digest_type,omitempty"` + + Fingerprint *string `json:"fingerprint,omitempty" tf:"fingerprint,omitempty"` + + Flags *string `json:"flags,omitempty" tf:"flags,omitempty"` + + KeyTag *float64 `json:"keyTag,omitempty" tf:"key_tag,omitempty"` + + LatDegrees *float64 `json:"latDegrees,omitempty" tf:"lat_degrees,omitempty"` + + LatDirection *string `json:"latDirection,omitempty" tf:"lat_direction,omitempty"` + + LatMinutes *float64 `json:"latMinutes,omitempty" tf:"lat_minutes,omitempty"` + + LatSeconds *float64 `json:"latSeconds,omitempty" tf:"lat_seconds,omitempty"` + + LongDegrees *float64 `json:"longDegrees,omitempty" tf:"long_degrees,omitempty"` + + LongDirection *string `json:"longDirection,omitempty" tf:"long_direction,omitempty"` + + LongMinutes *float64 `json:"longMinutes,omitempty" tf:"long_minutes,omitempty"` + + LongSeconds *float64 `json:"longSeconds,omitempty" tf:"long_seconds,omitempty"` + + // The type of the record + MatchingType *float64 `json:"matchingType,omitempty" tf:"matching_type,omitempty"` + + // The name of the record + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + Order *float64 `json:"order,omitempty" tf:"order,omitempty"` + + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + PrecisionHorz *float64 `json:"precisionHorz,omitempty" tf:"precision_horz,omitempty"` + + PrecisionVert *float64 `json:"precisionVert,omitempty" tf:"precision_vert,omitempty"` + + Preference *float64 `json:"preference,omitempty" tf:"preference,omitempty"` + + // The priority of the record + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + Proto *string `json:"proto,omitempty" tf:"proto,omitempty"` + + Protocol *float64 `json:"protocol,omitempty" tf:"protocol,omitempty"` + + PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` + + Regex *string `json:"regex,omitempty" tf:"regex,omitempty"` + + Replacement *string `json:"replacement,omitempty" tf:"replacement,omitempty"` + + Selector *float64 `json:"selector,omitempty" tf:"selector,omitempty"` + + Service *string `json:"service,omitempty" tf:"service,omitempty"` + + Size *float64 `json:"size,omitempty" tf:"size,omitempty"` + + Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The type of the record + Type *float64 `json:"type,omitempty" tf:"type,omitempty"` + + Usage *float64 `json:"usage,omitempty" tf:"usage,omitempty"` + + // The (string) value of the record. Either this or data must be specified + Value *string `json:"value,omitempty" tf:"value,omitempty"` + + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` +} + type DataObservation struct { + Algorithm *float64 `json:"algorithm,omitempty" tf:"algorithm,omitempty"` + + Altitude *float64 `json:"altitude,omitempty" tf:"altitude,omitempty"` + + Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + Digest *string `json:"digest,omitempty" tf:"digest,omitempty"` + + // The type of the record + DigestType *float64 `json:"digestType,omitempty" tf:"digest_type,omitempty"` + + Fingerprint *string `json:"fingerprint,omitempty" tf:"fingerprint,omitempty"` + + Flags *string `json:"flags,omitempty" tf:"flags,omitempty"` + + KeyTag *float64 `json:"keyTag,omitempty" tf:"key_tag,omitempty"` + + LatDegrees *float64 `json:"latDegrees,omitempty" tf:"lat_degrees,omitempty"` + + LatDirection *string `json:"latDirection,omitempty" tf:"lat_direction,omitempty"` + + LatMinutes *float64 `json:"latMinutes,omitempty" tf:"lat_minutes,omitempty"` + + LatSeconds *float64 `json:"latSeconds,omitempty" tf:"lat_seconds,omitempty"` + + LongDegrees *float64 `json:"longDegrees,omitempty" tf:"long_degrees,omitempty"` + + LongDirection *string `json:"longDirection,omitempty" tf:"long_direction,omitempty"` + + LongMinutes *float64 `json:"longMinutes,omitempty" tf:"long_minutes,omitempty"` + + LongSeconds *float64 `json:"longSeconds,omitempty" tf:"long_seconds,omitempty"` + + // The type of the record + MatchingType *float64 `json:"matchingType,omitempty" tf:"matching_type,omitempty"` + + // The name of the record + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + Order *float64 `json:"order,omitempty" tf:"order,omitempty"` + + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + PrecisionHorz *float64 `json:"precisionHorz,omitempty" tf:"precision_horz,omitempty"` + + PrecisionVert *float64 `json:"precisionVert,omitempty" tf:"precision_vert,omitempty"` + + Preference *float64 `json:"preference,omitempty" tf:"preference,omitempty"` + + // The priority of the record + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + Proto *string `json:"proto,omitempty" tf:"proto,omitempty"` + + Protocol *float64 `json:"protocol,omitempty" tf:"protocol,omitempty"` + + PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` + + Regex *string `json:"regex,omitempty" tf:"regex,omitempty"` + + Replacement *string `json:"replacement,omitempty" tf:"replacement,omitempty"` + + Selector *float64 `json:"selector,omitempty" tf:"selector,omitempty"` + + Service *string `json:"service,omitempty" tf:"service,omitempty"` + + Size *float64 `json:"size,omitempty" tf:"size,omitempty"` + + Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The type of the record + Type *float64 `json:"type,omitempty" tf:"type,omitempty"` + + Usage *float64 `json:"usage,omitempty" tf:"usage,omitempty"` + + // The (string) value of the record. Either this or data must be specified + Value *string `json:"value,omitempty" tf:"value,omitempty"` + + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` } type DataParameters struct { @@ -33,6 +206,7 @@ type DataParameters struct { // +kubebuilder:validation:Optional Digest *string `json:"digest,omitempty" tf:"digest,omitempty"` + // The type of the record // +kubebuilder:validation:Optional DigestType *float64 `json:"digestType,omitempty" tf:"digest_type,omitempty"` @@ -69,9 +243,11 @@ type DataParameters struct { // +kubebuilder:validation:Optional LongSeconds *float64 `json:"longSeconds,omitempty" tf:"long_seconds,omitempty"` + // The type of the record // +kubebuilder:validation:Optional MatchingType *float64 `json:"matchingType,omitempty" tf:"matching_type,omitempty"` + // The name of the record // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` @@ -90,6 +266,7 @@ type DataParameters struct { // +kubebuilder:validation:Optional Preference *float64 `json:"preference,omitempty" tf:"preference,omitempty"` + // The priority of the record // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` @@ -123,12 +300,14 @@ type DataParameters struct { // +kubebuilder:validation:Optional Target *string `json:"target,omitempty" tf:"target,omitempty"` + // The type of the record // +kubebuilder:validation:Optional Type *float64 `json:"type,omitempty" tf:"type,omitempty"` // +kubebuilder:validation:Optional Usage *float64 `json:"usage,omitempty" tf:"usage,omitempty"` + // The (string) value of the record. Either this or data must be specified // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` @@ -136,51 +315,146 @@ type DataParameters struct { Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` } +type RecordInitParameters struct { + + // false by default. This configuration is not recommended for most environments. + // Defaults to `false`. + AllowOverwrite *bool `json:"allowOverwrite,omitempty" tf:"allow_overwrite,omitempty"` + + // Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified + // Conflicts with `value`. + Data []DataInitParameters `json:"data,omitempty" tf:"data,omitempty"` + + // The name of the record + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The priority of the record + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // Whether the record gets Cloudflare's origin protection; defaults to false. + Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + + // The TTL of the record (automatic: '1') + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + + // The type of the record + // **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // The (string) value of the record. Either this or data must be specified + // Conflicts with `data`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` + + // The DNS zone ID to add the record to + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RecordObservation struct { + + // false by default. This configuration is not recommended for most environments. + // Defaults to `false`. + AllowOverwrite *bool `json:"allowOverwrite,omitempty" tf:"allow_overwrite,omitempty"` + + // The RFC3339 timestamp of when the record was created CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified + // Conflicts with `value`. + Data []DataObservation `json:"data,omitempty" tf:"data,omitempty"` + + // The FQDN of the record Hostname *string `json:"hostname,omitempty" tf:"hostname,omitempty"` + // The record ID ID *string `json:"id,omitempty" tf:"id,omitempty"` + // A key-value map of string metadata Cloudflare associates with the record + // +mapType=granular Metadata map[string]*string `json:"metadata,omitempty" tf:"metadata,omitempty"` + // The RFC3339 timestamp of when the record was last modified ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + // The name of the record + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The priority of the record + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // Shows whether this record can be proxied, must be true if setting proxied=true Proxiable *bool `json:"proxiable,omitempty" tf:"proxiable,omitempty"` + + // Whether the record gets Cloudflare's origin protection; defaults to false. + Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + + // The TTL of the record (automatic: '1') + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + + // The type of the record + // **Modifying this attribute will force creation of a new resource.** + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // The (string) value of the record. Either this or data must be specified + // Conflicts with `data`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` + + // The DNS zone ID to add the record to + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RecordParameters struct { + // false by default. This configuration is not recommended for most environments. // Defaults to `false`. // +kubebuilder:validation:Optional AllowOverwrite *bool `json:"allowOverwrite,omitempty" tf:"allow_overwrite,omitempty"` + // Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified // Conflicts with `value`. // +kubebuilder:validation:Optional Data []DataParameters `json:"data,omitempty" tf:"data,omitempty"` + // The name of the record // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // The priority of the record // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // Whether the record gets Cloudflare's origin protection; defaults to false. // +kubebuilder:validation:Optional Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + // The TTL of the record (automatic: '1') // +kubebuilder:validation:Optional TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + // The type of the record // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // The (string) value of the record. Either this or data must be specified // Conflicts with `data`. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` + // The DNS zone ID to add the record to // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -199,6 +473,17 @@ type RecordParameters struct { type RecordSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RecordParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RecordInitParameters `json:"initProvider,omitempty"` } // RecordStatus defines the observed state of Record. @@ -208,19 +493,22 @@ type RecordStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Record is the Schema for the Records API. +// Record is the Schema for the Records API. Provides a Cloudflare record resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Record struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RecordSpec `json:"spec"` - Status RecordStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec RecordSpec `json:"spec"` + Status RecordStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/emailrouting/v1alpha1/zz_address_terraformed.go b/apis/emailrouting/v1alpha1/zz_address_terraformed.go new file mode 100755 index 0000000..a3d1001 --- /dev/null +++ b/apis/emailrouting/v1alpha1/zz_address_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Address +func (mg *Address) GetTerraformResourceType() string { + return "cloudflare_email_routing_address" +} + +// GetConnectionDetailsMapping for this Address +func (tr *Address) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Address +func (tr *Address) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Address +func (tr *Address) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Address +func (tr *Address) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Address +func (tr *Address) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Address +func (tr *Address) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Address +func (tr *Address) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Address +func (tr *Address) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Address using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Address) LateInitialize(attrs []byte) (bool, error) { + params := &AddressParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Address) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/emailrouting/v1alpha1/zz_address_types.go b/apis/emailrouting/v1alpha1/zz_address_types.go index 9f63793..93e2be6 100755 --- a/apis/emailrouting/v1alpha1/zz_address_types.go +++ b/apis/emailrouting/v1alpha1/zz_address_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,25 +17,59 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AddressInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + // The contact email address of the user. **Modifying this attribute will force creation of a new resource.** + Email *string `json:"email,omitempty" tf:"email,omitempty"` +} + type AddressObservation struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The date and time the destination address has been created. // The date and time the destination address has been created. Created *string `json:"created,omitempty" tf:"created,omitempty"` + // (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + // The contact email address of the user. **Modifying this attribute will force creation of a new resource.** + Email *string `json:"email,omitempty" tf:"email,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) The date and time the destination address was last modified. // The date and time the destination address was last modified. Modified *string `json:"modified,omitempty" tf:"modified,omitempty"` + // (String) Destination address identifier. // Destination address identifier. Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + // (String) The date and time the destination address has been verified. Null means not verified yet. // The date and time the destination address has been verified. Null means not verified yet. Verified *string `json:"verified,omitempty" tf:"verified,omitempty"` } type AddressParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -45,15 +83,27 @@ type AddressParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. // The contact email address of the user. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Email *string `json:"email" tf:"email,omitempty"` + // +kubebuilder:validation:Optional + Email *string `json:"email,omitempty" tf:"email,omitempty"` } // AddressSpec defines the desired state of Address type AddressSpec struct { v1.ResourceSpec `json:",inline"` ForProvider AddressParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider AddressInitParameters `json:"initProvider,omitempty"` } // AddressStatus defines the observed state of Address. @@ -63,19 +113,21 @@ type AddressStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Address is the Schema for the Addresss API. +// Address is the Schema for the Addresss API. Provides a resource for managing Email Routing Addresses. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Address struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec AddressSpec `json:"spec"` - Status AddressStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.email) || (has(self.initProvider) && has(self.initProvider.email))",message="spec.forProvider.email is a required parameter" + Spec AddressSpec `json:"spec"` + Status AddressStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/emailrouting/v1alpha1/zz_catchall_terraformed.go b/apis/emailrouting/v1alpha1/zz_catchall_terraformed.go new file mode 100755 index 0000000..c2a4c8e --- /dev/null +++ b/apis/emailrouting/v1alpha1/zz_catchall_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this CatchAll +func (mg *CatchAll) GetTerraformResourceType() string { + return "cloudflare_email_routing_catch_all" +} + +// GetConnectionDetailsMapping for this CatchAll +func (tr *CatchAll) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this CatchAll +func (tr *CatchAll) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this CatchAll +func (tr *CatchAll) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this CatchAll +func (tr *CatchAll) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this CatchAll +func (tr *CatchAll) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this CatchAll +func (tr *CatchAll) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this CatchAll +func (tr *CatchAll) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this CatchAll +func (tr *CatchAll) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this CatchAll using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *CatchAll) LateInitialize(attrs []byte) (bool, error) { + params := &CatchAllParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *CatchAll) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/emailrouting/v1alpha1/zz_catchall_types.go b/apis/emailrouting/v1alpha1/zz_catchall_types.go index 2806b78..36744b0 100755 --- a/apis/emailrouting/v1alpha1/zz_catchall_types.go +++ b/apis/emailrouting/v1alpha1/zz_catchall_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,45 +17,126 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ActionInitParameters struct { + + // (String) Type of supported action. Available values: drop, forward, worker. + // Type of supported action. Available values: `drop`, `forward`, `worker`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) A list with items in the following form. + // A list with items in the following form. + Value []*string `json:"value,omitempty" tf:"value,omitempty"` +} + type ActionObservation struct { + + // (String) Type of supported action. Available values: drop, forward, worker. + // Type of supported action. Available values: `drop`, `forward`, `worker`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) A list with items in the following form. + // A list with items in the following form. + Value []*string `json:"value,omitempty" tf:"value,omitempty"` } type ActionParameters struct { + // (String) Type of supported action. Available values: drop, forward, worker. // Type of supported action. Available values: `drop`, `forward`, `worker`. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Type *string `json:"type" tf:"type,omitempty"` + // (List of String) A list with items in the following form. // A list with items in the following form. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Value []*string `json:"value" tf:"value,omitempty"` } +type CatchAllInitParameters struct { + + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) + // List actions patterns. + Action []ActionInitParameters `json:"action,omitempty" tf:"action,omitempty"` + + // (Boolean) Routing rule status. + // Routing rule status. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + // Matching patterns to forward to your actions. + Matcher []MatcherInitParameters `json:"matcher,omitempty" tf:"matcher,omitempty"` + + // (String) Routing rule name. + // Routing rule name. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type CatchAllObservation struct { + + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) + // List actions patterns. + Action []ActionObservation `json:"action,omitempty" tf:"action,omitempty"` + + // (Boolean) Routing rule status. + // Routing rule status. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + // Matching patterns to forward to your actions. + Matcher []MatcherObservation `json:"matcher,omitempty" tf:"matcher,omitempty"` + + // (String) Routing rule name. + // Routing rule name. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Routing rule identifier. // Routing rule identifier. Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type CatchAllParameters struct { + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) // List actions patterns. - // +kubebuilder:validation:Required - Action []ActionParameters `json:"action" tf:"action,omitempty"` + // +kubebuilder:validation:Optional + Action []ActionParameters `json:"action,omitempty" tf:"action,omitempty"` + // (Boolean) Routing rule status. // Routing rule status. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) // Matching patterns to forward to your actions. - // +kubebuilder:validation:Required - Matcher []MatcherParameters `json:"matcher" tf:"matcher,omitempty"` + // +kubebuilder:validation:Optional + Matcher []MatcherParameters `json:"matcher,omitempty" tf:"matcher,omitempty"` + // (String) Routing rule name. // Routing rule name. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The zone identifier to target for the resource. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -66,13 +151,25 @@ type CatchAllParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type MatcherInitParameters struct { + + // (String) Type of supported action. Available values: drop, forward, worker. + // Type of matcher. Available values: `all`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type MatcherObservation struct { + + // (String) Type of supported action. Available values: drop, forward, worker. + // Type of matcher. Available values: `all`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type MatcherParameters struct { + // (String) Type of supported action. Available values: drop, forward, worker. // Type of matcher. Available values: `all`. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Type *string `json:"type" tf:"type,omitempty"` } @@ -80,6 +177,17 @@ type MatcherParameters struct { type CatchAllSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CatchAllParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CatchAllInitParameters `json:"initProvider,omitempty"` } // CatchAllStatus defines the observed state of CatchAll. @@ -89,19 +197,23 @@ type CatchAllStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// CatchAll is the Schema for the CatchAlls API. +// CatchAll is the Schema for the CatchAlls API. Provides a resource for managing Email Routing Addresses catch all behaviour. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type CatchAll struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec CatchAllSpec `json:"spec"` - Status CatchAllStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.action) || (has(self.initProvider) && has(self.initProvider.action))",message="spec.forProvider.action is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.matcher) || (has(self.initProvider) && has(self.initProvider.matcher))",message="spec.forProvider.matcher is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec CatchAllSpec `json:"spec"` + Status CatchAllStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/emailrouting/v1alpha1/zz_generated.conversion_hubs.go b/apis/emailrouting/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..b3bf31c --- /dev/null +++ b/apis/emailrouting/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,23 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Address) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *CatchAll) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Settings) Hub() {} diff --git a/apis/emailrouting/v1alpha1/zz_generated.deepcopy.go b/apis/emailrouting/v1alpha1/zz_generated.deepcopy.go index 2089dbb..6d3efb2 100644 --- a/apis/emailrouting/v1alpha1/zz_generated.deepcopy.go +++ b/apis/emailrouting/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,56 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActionInitParameters) DeepCopyInto(out *ActionInitParameters) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionInitParameters. +func (in *ActionInitParameters) DeepCopy() *ActionInitParameters { + if in == nil { + return nil + } + out := new(ActionInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ActionObservation) DeepCopyInto(out *ActionObservation) { *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionObservation. @@ -87,6 +133,41 @@ func (in *Address) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AddressInitParameters) DeepCopyInto(out *AddressInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddressInitParameters. +func (in *AddressInitParameters) DeepCopy() *AddressInitParameters { + if in == nil { + return nil + } + out := new(AddressInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AddressList) DeepCopyInto(out *AddressList) { *out = *in @@ -122,11 +203,21 @@ func (in *AddressList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AddressObservation) DeepCopyInto(out *AddressObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.Created != nil { in, out := &in.Created, &out.Created *out = new(string) **out = **in } + if in.Email != nil { + in, out := &in.Email, &out.Email + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -199,6 +290,7 @@ func (in *AddressSpec) DeepCopyInto(out *AddressSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddressSpec. @@ -255,6 +347,60 @@ func (in *CatchAll) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CatchAllInitParameters) DeepCopyInto(out *CatchAllInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]ActionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Matcher != nil { + in, out := &in.Matcher, &out.Matcher + *out = make([]MatcherInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CatchAllInitParameters. +func (in *CatchAllInitParameters) DeepCopy() *CatchAllInitParameters { + if in == nil { + return nil + } + out := new(CatchAllInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CatchAllList) DeepCopyInto(out *CatchAllList) { *out = *in @@ -290,16 +436,45 @@ func (in *CatchAllList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CatchAllObservation) DeepCopyInto(out *CatchAllObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]ActionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Matcher != nil { + in, out := &in.Matcher, &out.Matcher + *out = make([]MatcherObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Tag != nil { in, out := &in.Tag, &out.Tag *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CatchAllObservation. @@ -371,6 +546,7 @@ func (in *CatchAllSpec) DeepCopyInto(out *CatchAllSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CatchAllSpec. @@ -400,9 +576,34 @@ func (in *CatchAllStatus) DeepCopy() *CatchAllStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatcherInitParameters) DeepCopyInto(out *MatcherInitParameters) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatcherInitParameters. +func (in *MatcherInitParameters) DeepCopy() *MatcherInitParameters { + if in == nil { + return nil + } + out := new(MatcherInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MatcherObservation) DeepCopyInto(out *MatcherObservation) { *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatcherObservation. @@ -462,9 +663,56 @@ func (in *Rule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleActionInitParameters) DeepCopyInto(out *RuleActionInitParameters) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleActionInitParameters. +func (in *RuleActionInitParameters) DeepCopy() *RuleActionInitParameters { + if in == nil { + return nil + } + out := new(RuleActionInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleActionObservation) DeepCopyInto(out *RuleActionObservation) { *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleActionObservation. @@ -508,6 +756,65 @@ func (in *RuleActionParameters) DeepCopy() *RuleActionParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]RuleActionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Matcher != nil { + in, out := &in.Matcher, &out.Matcher + *out = make([]RuleMatcherInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -540,9 +847,54 @@ func (in *RuleList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleMatcherInitParameters) DeepCopyInto(out *RuleMatcherInitParameters) { + *out = *in + if in.Field != nil { + in, out := &in.Field, &out.Field + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleMatcherInitParameters. +func (in *RuleMatcherInitParameters) DeepCopy() *RuleMatcherInitParameters { + if in == nil { + return nil + } + out := new(RuleMatcherInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleMatcherObservation) DeepCopyInto(out *RuleMatcherObservation) { *out = *in + if in.Field != nil { + in, out := &in.Field, &out.Field + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleMatcherObservation. @@ -588,16 +940,50 @@ func (in *RuleMatcherParameters) DeepCopy() *RuleMatcherParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]RuleActionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Matcher != nil { + in, out := &in.Matcher, &out.Matcher + *out = make([]RuleMatcherObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } if in.Tag != nil { in, out := &in.Tag, &out.Tag *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleObservation. @@ -674,6 +1060,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. @@ -730,6 +1117,46 @@ func (in *Settings) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SettingsInitParameters) DeepCopyInto(out *SettingsInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.SkipWizard != nil { + in, out := &in.SkipWizard, &out.SkipWizard + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsInitParameters. +func (in *SettingsInitParameters) DeepCopy() *SettingsInitParameters { + if in == nil { + return nil + } + out := new(SettingsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SettingsList) DeepCopyInto(out *SettingsList) { *out = *in @@ -770,6 +1197,11 @@ func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { *out = new(string) **out = **in } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -785,6 +1217,11 @@ func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { *out = new(string) **out = **in } + if in.SkipWizard != nil { + in, out := &in.SkipWizard, &out.SkipWizard + *out = new(bool) + **out = **in + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) @@ -795,6 +1232,11 @@ func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsObservation. @@ -852,6 +1294,7 @@ func (in *SettingsSpec) DeepCopyInto(out *SettingsSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsSpec. diff --git a/apis/emailrouting/v1alpha1/zz_generated.managed.go b/apis/emailrouting/v1alpha1/zz_generated.managed.go index d40dee5..2989f86 100644 --- a/apis/emailrouting/v1alpha1/zz_generated.managed.go +++ b/apis/emailrouting/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Address) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Address. +func (mg *Address) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Address. func (mg *Address) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Address. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Address) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Address. func (mg *Address) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Address) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Address. +func (mg *Address) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Address. func (mg *Address) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Address. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Address) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Address. func (mg *Address) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *CatchAll) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this CatchAll. +func (mg *CatchAll) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this CatchAll. func (mg *CatchAll) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this CatchAll. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *CatchAll) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this CatchAll. func (mg *CatchAll) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *CatchAll) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this CatchAll. +func (mg *CatchAll) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this CatchAll. func (mg *CatchAll) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this CatchAll. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *CatchAll) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this CatchAll. func (mg *CatchAll) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *Settings) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Settings. +func (mg *Settings) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Settings. func (mg *Settings) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Settings. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Settings) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Settings. func (mg *Settings) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *Settings) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Settings. +func (mg *Settings) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Settings. func (mg *Settings) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Settings. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Settings) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Settings. func (mg *Settings) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/emailrouting/v1alpha1/zz_generated.resolvers.go b/apis/emailrouting/v1alpha1/zz_generated.resolvers.go index a5475da..5920a77 100644 --- a/apis/emailrouting/v1alpha1/zz_generated.resolvers.go +++ b/apis/emailrouting/v1alpha1/zz_generated.resolvers.go @@ -37,6 +37,22 @@ func (mg *Address) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -63,6 +79,22 @@ func (mg *CatchAll) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -89,6 +121,22 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -115,5 +163,21 @@ func (mg *Settings) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/emailrouting/v1alpha1/zz_generated_terraformed.go b/apis/emailrouting/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 68bf9f2..0000000 --- a/apis/emailrouting/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,310 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Address -func (mg *Address) GetTerraformResourceType() string { - return "cloudflare_email_routing_address" -} - -// GetConnectionDetailsMapping for this Address -func (tr *Address) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Address -func (tr *Address) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Address -func (tr *Address) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Address -func (tr *Address) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Address -func (tr *Address) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Address -func (tr *Address) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Address using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Address) LateInitialize(attrs []byte) (bool, error) { - params := &AddressParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Address) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this CatchAll -func (mg *CatchAll) GetTerraformResourceType() string { - return "cloudflare_email_routing_catch_all" -} - -// GetConnectionDetailsMapping for this CatchAll -func (tr *CatchAll) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this CatchAll -func (tr *CatchAll) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this CatchAll -func (tr *CatchAll) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this CatchAll -func (tr *CatchAll) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this CatchAll -func (tr *CatchAll) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this CatchAll -func (tr *CatchAll) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this CatchAll using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *CatchAll) LateInitialize(attrs []byte) (bool, error) { - params := &CatchAllParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *CatchAll) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Rule -func (mg *Rule) GetTerraformResourceType() string { - return "cloudflare_email_routing_rule" -} - -// GetConnectionDetailsMapping for this Rule -func (tr *Rule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Rule -func (tr *Rule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Rule -func (tr *Rule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Rule -func (tr *Rule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Rule -func (tr *Rule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Rule -func (tr *Rule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Rule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { - params := &RuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Rule) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Settings -func (mg *Settings) GetTerraformResourceType() string { - return "cloudflare_email_routing_settings" -} - -// GetConnectionDetailsMapping for this Settings -func (tr *Settings) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Settings -func (tr *Settings) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Settings -func (tr *Settings) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Settings -func (tr *Settings) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Settings -func (tr *Settings) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Settings -func (tr *Settings) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Settings using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Settings) LateInitialize(attrs []byte) (bool, error) { - params := &SettingsParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Settings) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/emailrouting/v1alpha1/zz_groupversion_info.go b/apis/emailrouting/v1alpha1/zz_groupversion_info.go index c708b76..dc7e38a 100755 --- a/apis/emailrouting/v1alpha1/zz_groupversion_info.go +++ b/apis/emailrouting/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/emailrouting/v1alpha1/zz_rule_terraformed.go b/apis/emailrouting/v1alpha1/zz_rule_terraformed.go new file mode 100755 index 0000000..b63158c --- /dev/null +++ b/apis/emailrouting/v1alpha1/zz_rule_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Rule +func (mg *Rule) GetTerraformResourceType() string { + return "cloudflare_email_routing_rule" +} + +// GetConnectionDetailsMapping for this Rule +func (tr *Rule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Rule +func (tr *Rule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Rule +func (tr *Rule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Rule +func (tr *Rule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Rule +func (tr *Rule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Rule +func (tr *Rule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Rule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { + params := &RuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Rule) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/emailrouting/v1alpha1/zz_rule_types.go b/apis/emailrouting/v1alpha1/zz_rule_types.go index 8cabeb6..9cc9d97 100755 --- a/apis/emailrouting/v1alpha1/zz_rule_types.go +++ b/apis/emailrouting/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,67 +17,187 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RuleActionInitParameters struct { + + // (String) Type of supported action. + // Type of supported action. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) An array with items in the following form. + // An array with items in the following form. + Value []*string `json:"value,omitempty" tf:"value,omitempty"` +} + type RuleActionObservation struct { + + // (String) Type of supported action. + // Type of supported action. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) An array with items in the following form. + // An array with items in the following form. + Value []*string `json:"value,omitempty" tf:"value,omitempty"` } type RuleActionParameters struct { + // (String) Type of supported action. // Type of supported action. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Type *string `json:"type" tf:"type,omitempty"` + // (List of String) An array with items in the following form. // An array with items in the following form. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Value []*string `json:"value" tf:"value,omitempty"` } +type RuleInitParameters struct { + + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) + // List actions patterns. + Action []RuleActionInitParameters `json:"action,omitempty" tf:"action,omitempty"` + + // (Boolean) Routing rule status. + // Routing rule status. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + // Matching patterns to forward to your actions. + Matcher []RuleMatcherInitParameters `json:"matcher,omitempty" tf:"matcher,omitempty"` + + // (String) Routing rule name. + // Routing rule name. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) Priority of the routing rule. + // Priority of the routing rule. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + +type RuleMatcherInitParameters struct { + + // (String) Field for type matcher. + // Field for type matcher. + Field *string `json:"field,omitempty" tf:"field,omitempty"` + + // (String) Type of supported action. + // Type of matcher. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) An array with items in the following form. + // Value for matcher. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type RuleMatcherObservation struct { + + // (String) Field for type matcher. + // Field for type matcher. + Field *string `json:"field,omitempty" tf:"field,omitempty"` + + // (String) Type of supported action. + // Type of matcher. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) An array with items in the following form. + // Value for matcher. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type RuleMatcherParameters struct { + // (String) Field for type matcher. // Field for type matcher. // +kubebuilder:validation:Optional Field *string `json:"field,omitempty" tf:"field,omitempty"` + // (String) Type of supported action. // Type of matcher. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Type *string `json:"type" tf:"type,omitempty"` + // (List of String) An array with items in the following form. // Value for matcher. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` } type RuleObservation struct { + + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) + // List actions patterns. + Action []RuleActionObservation `json:"action,omitempty" tf:"action,omitempty"` + + // (Boolean) Routing rule status. + // Routing rule status. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + // Matching patterns to forward to your actions. + Matcher []RuleMatcherObservation `json:"matcher,omitempty" tf:"matcher,omitempty"` + + // (String) Routing rule name. + // Routing rule name. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) Priority of the routing rule. + // Priority of the routing rule. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (String) Routing rule identifier. // Routing rule identifier. Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RuleParameters struct { + // (Block Set, Min: 1) List actions patterns. (see below for nested schema) // List actions patterns. - // +kubebuilder:validation:Required - Action []RuleActionParameters `json:"action" tf:"action,omitempty"` + // +kubebuilder:validation:Optional + Action []RuleActionParameters `json:"action,omitempty" tf:"action,omitempty"` + // (Boolean) Routing rule status. // Routing rule status. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) // Matching patterns to forward to your actions. - // +kubebuilder:validation:Required - Matcher []RuleMatcherParameters `json:"matcher" tf:"matcher,omitempty"` + // +kubebuilder:validation:Optional + Matcher []RuleMatcherParameters `json:"matcher,omitempty" tf:"matcher,omitempty"` + // (String) Routing rule name. // Routing rule name. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Number) Priority of the routing rule. // Priority of the routing rule. // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // (String) The zone identifier to target for the resource. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -92,6 +216,17 @@ type RuleParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -101,19 +236,23 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Provides a resource for managing Email Routing rules. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.action) || (has(self.initProvider) && has(self.initProvider.action))",message="spec.forProvider.action is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.matcher) || (has(self.initProvider) && has(self.initProvider.matcher))",message="spec.forProvider.matcher is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/emailrouting/v1alpha1/zz_settings_terraformed.go b/apis/emailrouting/v1alpha1/zz_settings_terraformed.go new file mode 100755 index 0000000..56f6831 --- /dev/null +++ b/apis/emailrouting/v1alpha1/zz_settings_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Settings +func (mg *Settings) GetTerraformResourceType() string { + return "cloudflare_email_routing_settings" +} + +// GetConnectionDetailsMapping for this Settings +func (tr *Settings) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Settings +func (tr *Settings) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Settings +func (tr *Settings) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Settings +func (tr *Settings) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Settings +func (tr *Settings) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Settings +func (tr *Settings) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Settings +func (tr *Settings) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Settings +func (tr *Settings) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Settings using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Settings) LateInitialize(attrs []byte) (bool, error) { + params := &SettingsParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Settings) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/emailrouting/v1alpha1/zz_settings_types.go b/apis/emailrouting/v1alpha1/zz_settings_types.go index 4051a3e..b8c12df 100755 --- a/apis/emailrouting/v1alpha1/zz_settings_types.go +++ b/apis/emailrouting/v1alpha1/zz_settings_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,36 +17,81 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type SettingsInitParameters struct { + + // (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + // State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Boolean) Flag to check if the user skipped the configuration wizard. + // Flag to check if the user skipped the configuration wizard. + SkipWizard *bool `json:"skipWizard,omitempty" tf:"skip_wizard,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type SettingsObservation struct { + // (String) The date and time the settings have been created. // The date and time the settings have been created. Created *string `json:"created,omitempty" tf:"created,omitempty"` + // (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + // State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) The date and time the settings have been modified. // The date and time the settings have been modified. Modified *string `json:"modified,omitempty" tf:"modified,omitempty"` + // (String) Domain of your zone. // Domain of your zone. Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Boolean) Flag to check if the user skipped the configuration wizard. + // Flag to check if the user skipped the configuration wizard. + SkipWizard *bool `json:"skipWizard,omitempty" tf:"skip_wizard,omitempty"` + + // (String) Show the state of your account, and the type or configuration error. // Show the state of your account, and the type or configuration error. Status *string `json:"status,omitempty" tf:"status,omitempty"` + // (String) Email Routing settings identifier. // Email Routing settings identifier. Tag *string `json:"tag,omitempty" tf:"tag,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type SettingsParameters struct { + // (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. // State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Boolean) Flag to check if the user skipped the configuration wizard. // Flag to check if the user skipped the configuration wizard. // +kubebuilder:validation:Optional SkipWizard *bool `json:"skipWizard,omitempty" tf:"skip_wizard,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -61,6 +110,17 @@ type SettingsParameters struct { type SettingsSpec struct { v1.ResourceSpec `json:",inline"` ForProvider SettingsParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider SettingsInitParameters `json:"initProvider,omitempty"` } // SettingsStatus defines the observed state of Settings. @@ -70,19 +130,21 @@ type SettingsStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Settings is the Schema for the Settingss API. +// Settings is the Schema for the Settingss API. Provides a resource for managing Email Routing settings. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Settings struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec SettingsSpec `json:"spec"` - Status SettingsStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + Spec SettingsSpec `json:"spec"` + Status SettingsStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/filters/v1alpha1/zz_generated_terraformed.go b/apis/filters/v1alpha1/zz_filter_terraformed.go similarity index 60% rename from apis/filters/v1alpha1/zz_generated_terraformed.go rename to apis/filters/v1alpha1/zz_filter_terraformed.go index 08933a7..f2f21ef 100755 --- a/apis/filters/v1alpha1/zz_generated_terraformed.go +++ b/apis/filters/v1alpha1/zz_filter_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Filter @@ -69,6 +74,46 @@ func (tr *Filter) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Filter +func (tr *Filter) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Filter +func (tr *Filter) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Filter using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Filter) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/filters/v1alpha1/zz_filter_types.go b/apis/filters/v1alpha1/zz_filter_types.go index e40ce33..5a3b87f 100755 --- a/apis/filters/v1alpha1/zz_filter_types.go +++ b/apis/filters/v1alpha1/zz_filter_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,28 +17,87 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type FilterInitParameters struct { + + // (String) A note that you can use to describe the purpose of the filter. + // A note that you can use to describe the purpose of the filter. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The filter expression to be used. + // The filter expression to be used. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Boolean) Whether this filter is currently paused. + // Whether this filter is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) Short reference tag to quickly select related rules. + // Short reference tag to quickly select related rules. + Ref *string `json:"ref,omitempty" tf:"ref,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type FilterObservation struct { + + // (String) A note that you can use to describe the purpose of the filter. + // A note that you can use to describe the purpose of the filter. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The filter expression to be used. + // The filter expression to be used. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Boolean) Whether this filter is currently paused. + // Whether this filter is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) Short reference tag to quickly select related rules. + // Short reference tag to quickly select related rules. + Ref *string `json:"ref,omitempty" tf:"ref,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type FilterParameters struct { + // (String) A note that you can use to describe the purpose of the filter. // A note that you can use to describe the purpose of the filter. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) The filter expression to be used. // The filter expression to be used. - // +kubebuilder:validation:Required - Expression *string `json:"expression" tf:"expression,omitempty"` + // +kubebuilder:validation:Optional + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + // (Boolean) Whether this filter is currently paused. // Whether this filter is currently paused. // +kubebuilder:validation:Optional Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + // (String) Short reference tag to quickly select related rules. // Short reference tag to quickly select related rules. // +kubebuilder:validation:Optional Ref *string `json:"ref,omitempty" tf:"ref,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -53,6 +116,17 @@ type FilterParameters struct { type FilterSpec struct { v1.ResourceSpec `json:",inline"` ForProvider FilterParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider FilterInitParameters `json:"initProvider,omitempty"` } // FilterStatus defines the observed state of Filter. @@ -62,19 +136,21 @@ type FilterStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Filter is the Schema for the Filters API. +// Filter is the Schema for the Filters API. Filter expressions that can be referenced across multiple features, e.g. Firewall Rules. See what is a filter https://developers.cloudflare.com/firewall/api/cf-filters/what-is-a-filter/ for more details and available fields and operators. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Filter struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec FilterSpec `json:"spec"` - Status FilterStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.expression) || (has(self.initProvider) && has(self.initProvider.expression))",message="spec.forProvider.expression is a required parameter" + Spec FilterSpec `json:"spec"` + Status FilterStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/filters/v1alpha1/zz_generated.conversion_hubs.go b/apis/filters/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..cc66adb --- /dev/null +++ b/apis/filters/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Filter) Hub() {} diff --git a/apis/filters/v1alpha1/zz_generated.deepcopy.go b/apis/filters/v1alpha1/zz_generated.deepcopy.go index 40e41ab..dbd5ef8 100644 --- a/apis/filters/v1alpha1/zz_generated.deepcopy.go +++ b/apis/filters/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,56 @@ func (in *Filter) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FilterInitParameters) DeepCopyInto(out *FilterInitParameters) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Ref != nil { + in, out := &in.Ref, &out.Ref + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilterInitParameters. +func (in *FilterInitParameters) DeepCopy() *FilterInitParameters { + if in == nil { + return nil + } + out := new(FilterInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FilterList) DeepCopyInto(out *FilterList) { *out = *in @@ -76,11 +125,36 @@ func (in *FilterList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FilterObservation) DeepCopyInto(out *FilterObservation) { *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Ref != nil { + in, out := &in.Ref, &out.Ref + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilterObservation. @@ -148,6 +222,7 @@ func (in *FilterSpec) DeepCopyInto(out *FilterSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilterSpec. diff --git a/apis/filters/v1alpha1/zz_generated.managed.go b/apis/filters/v1alpha1/zz_generated.managed.go index 183d98e..9980492 100644 --- a/apis/filters/v1alpha1/zz_generated.managed.go +++ b/apis/filters/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Filter) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Filter. +func (mg *Filter) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Filter. func (mg *Filter) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Filter. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Filter) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Filter. func (mg *Filter) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Filter) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Filter. +func (mg *Filter) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Filter. func (mg *Filter) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Filter. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Filter) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Filter. func (mg *Filter) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/filters/v1alpha1/zz_generated.resolvers.go b/apis/filters/v1alpha1/zz_generated.resolvers.go index ba51f41..114555c 100644 --- a/apis/filters/v1alpha1/zz_generated.resolvers.go +++ b/apis/filters/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Filter) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/filters/v1alpha1/zz_groupversion_info.go b/apis/filters/v1alpha1/zz_groupversion_info.go index ff281d3..b3b0cb2 100755 --- a/apis/filters/v1alpha1/zz_groupversion_info.go +++ b/apis/filters/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/firewall/v1alpha1/zz_generated.conversion_hubs.go b/apis/firewall/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..837d20a --- /dev/null +++ b/apis/firewall/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} diff --git a/apis/firewall/v1alpha1/zz_generated.deepcopy.go b/apis/firewall/v1alpha1/zz_generated.deepcopy.go index 79c36f6..e73ff11 100644 --- a/apis/firewall/v1alpha1/zz_generated.deepcopy.go +++ b/apis/firewall/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,82 @@ func (in *Rule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.FilterID != nil { + in, out := &in.FilterID, &out.FilterID + *out = new(string) + **out = **in + } + if in.FilterIDRef != nil { + in, out := &in.FilterIDRef, &out.FilterIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.FilterIDSelector != nil { + in, out := &in.FilterIDSelector, &out.FilterIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Products != nil { + in, out := &in.Products, &out.Products + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -76,11 +151,52 @@ func (in *RuleList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.FilterID != nil { + in, out := &in.FilterID, &out.FilterID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Products != nil { + in, out := &in.Products, &out.Products + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleObservation. @@ -174,6 +290,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. diff --git a/apis/firewall/v1alpha1/zz_generated.managed.go b/apis/firewall/v1alpha1/zz_generated.managed.go index f1963bb..140b6ca 100644 --- a/apis/firewall/v1alpha1/zz_generated.managed.go +++ b/apis/firewall/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/firewall/v1alpha1/zz_generated.resolvers.go b/apis/firewall/v1alpha1/zz_generated.resolvers.go index 8905e7e..10096d9 100644 --- a/apis/firewall/v1alpha1/zz_generated.resolvers.go +++ b/apis/firewall/v1alpha1/zz_generated.resolvers.go @@ -53,5 +53,37 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.FilterID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.FilterIDRef, + Selector: mg.Spec.InitProvider.FilterIDSelector, + To: reference.To{ + List: &v1alpha1.FilterList{}, + Managed: &v1alpha1.Filter{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.FilterID") + } + mg.Spec.InitProvider.FilterID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.FilterIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/firewall/v1alpha1/zz_groupversion_info.go b/apis/firewall/v1alpha1/zz_groupversion_info.go index 2286a49..8253e34 100755 --- a/apis/firewall/v1alpha1/zz_groupversion_info.go +++ b/apis/firewall/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/firewall/v1alpha1/zz_generated_terraformed.go b/apis/firewall/v1alpha1/zz_rule_terraformed.go similarity index 60% rename from apis/firewall/v1alpha1/zz_generated_terraformed.go rename to apis/firewall/v1alpha1/zz_rule_terraformed.go index e7eb5ce..f360dec 100755 --- a/apis/firewall/v1alpha1/zz_generated_terraformed.go +++ b/apis/firewall/v1alpha1/zz_rule_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Rule @@ -69,6 +74,46 @@ func (tr *Rule) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Rule using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/firewall/v1alpha1/zz_rule_types.go b/apis/firewall/v1alpha1/zz_rule_types.go index 0cd2cf5..43f5496 100755 --- a/apis/firewall/v1alpha1/zz_rule_types.go +++ b/apis/firewall/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,104 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RuleInitParameters struct { + + // (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. + // The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) A description of the rule to help identify it. + // A description of the rule to help identify it. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + // The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/filters/v1alpha1.Filter + FilterID *string `json:"filterId,omitempty" tf:"filter_id,omitempty"` + + // Reference to a Filter in filters to populate filterId. + // +kubebuilder:validation:Optional + FilterIDRef *v1.Reference `json:"filterIdRef,omitempty" tf:"-"` + + // Selector for a Filter in filters to populate filterId. + // +kubebuilder:validation:Optional + FilterIDSelector *v1.Selector `json:"filterIdSelector,omitempty" tf:"-"` + + // (Boolean) Whether this filter based firewall rule is currently paused. + // Whether this filter based firewall rule is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + // The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. + // List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. + // +listType=set + Products []*string `json:"products,omitempty" tf:"products,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RuleObservation struct { + + // (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. + // The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) A description of the rule to help identify it. + // A description of the rule to help identify it. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + // The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + FilterID *string `json:"filterId,omitempty" tf:"filter_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Boolean) Whether this filter based firewall rule is currently paused. + // Whether this filter based firewall rule is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + // The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. + // List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. + // +listType=set + Products []*string `json:"products,omitempty" tf:"products,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RuleParameters struct { + // (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. // The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. - // +kubebuilder:validation:Required - Action *string `json:"action" tf:"action,omitempty"` + // +kubebuilder:validation:Optional + Action *string `json:"action,omitempty" tf:"action,omitempty"` + // (String) A description of the rule to help identify it. // A description of the rule to help identify it. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. // The identifier of the Filter to use for determining if the Firewall Rule should be triggered. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/filters/v1alpha1.Filter // +kubebuilder:validation:Optional @@ -40,18 +128,23 @@ type RuleParameters struct { // +kubebuilder:validation:Optional FilterIDSelector *v1.Selector `json:"filterIdSelector,omitempty" tf:"-"` + // (Boolean) Whether this filter based firewall rule is currently paused. // Whether this filter based firewall rule is currently paused. // +kubebuilder:validation:Optional Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + // (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. // The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. // List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. // +kubebuilder:validation:Optional + // +listType=set Products []*string `json:"products,omitempty" tf:"products,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -70,6 +163,17 @@ type RuleParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -79,19 +183,21 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Define Firewall rules using filter expressions for more control over how traffic is matched to the rule. A filter expression permits selecting traffic by multiple criteria allowing greater freedom in rule creation. Filter expressions needs to be created first before using Firewall Rule. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.action) || (has(self.initProvider) && has(self.initProvider.action))",message="spec.forProvider.action is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/generate.go b/apis/generate.go index 7dcd77d..233d170 100644 --- a/apis/generate.go +++ b/apis/generate.go @@ -19,7 +19,7 @@ Copyright 2021 Upbound Inc. //go:generate rm -rf ../examples-generated // Generate documentation from Terraform docs. -//go:generate go run github.com/upbound/upjet/cmd/scraper -n ${TERRAFORM_PROVIDER_SOURCE} -r ../.work/${TERRAFORM_PROVIDER_SOURCE}/${TERRAFORM_DOCS_PATH} -o ../config/provider-metadata.yaml +//go:generate go run github.com/crossplane/upjet/cmd/scraper -n ${TERRAFORM_PROVIDER_SOURCE} -r ../.work/${TERRAFORM_PROVIDER_SOURCE}/${TERRAFORM_DOCS_PATH} -o ../config/provider-metadata.yaml // Run Upjet generator //go:generate go run ../cmd/generator/main.go .. diff --git a/apis/lists/v1alpha1/zz_generated.conversion_hubs.go b/apis/lists/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..2550114 --- /dev/null +++ b/apis/lists/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *IPList) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *List) Hub() {} diff --git a/apis/lists/v1alpha1/zz_generated.deepcopy.go b/apis/lists/v1alpha1/zz_generated.deepcopy.go index 1cf9612..febc973 100644 --- a/apis/lists/v1alpha1/zz_generated.deepcopy.go +++ b/apis/lists/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,58 @@ func (in *IPList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPListInitParameters) DeepCopyInto(out *IPListInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Item != nil { + in, out := &in.Item, &out.Item + *out = make([]ItemInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPListInitParameters. +func (in *IPListInitParameters) DeepCopy() *IPListInitParameters { + if in == nil { + return nil + } + out := new(IPListInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPListList) DeepCopyInto(out *IPListList) { *out = *in @@ -76,11 +127,38 @@ func (in *IPListList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPListObservation) DeepCopyInto(out *IPListObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Item != nil { + in, out := &in.Item, &out.Item + *out = make([]ItemObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPListObservation. @@ -150,6 +228,7 @@ func (in *IPListSpec) DeepCopyInto(out *IPListSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPListSpec. @@ -179,9 +258,44 @@ func (in *IPListStatus) DeepCopy() *IPListStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ItemInitParameters) DeepCopyInto(out *ItemInitParameters) { + *out = *in + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ItemInitParameters. +func (in *ItemInitParameters) DeepCopy() *ItemInitParameters { + if in == nil { + return nil + } + out := new(ItemInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ItemObservation) DeepCopyInto(out *ItemObservation) { *out = *in + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ItemObservation. @@ -246,9 +360,100 @@ func (in *List) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListInitParameters) DeepCopyInto(out *ListInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Item != nil { + in, out := &in.Item, &out.Item + *out = make([]ListItemInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListInitParameters. +func (in *ListInitParameters) DeepCopy() *ListInitParameters { + if in == nil { + return nil + } + out := new(ListInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListItemInitParameters) DeepCopyInto(out *ListItemInitParameters) { + *out = *in + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]ValueInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListItemInitParameters. +func (in *ListItemInitParameters) DeepCopy() *ListItemInitParameters { + if in == nil { + return nil + } + out := new(ListItemInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListItemObservation) DeepCopyInto(out *ListItemObservation) { *out = *in + if in.Comment != nil { + in, out := &in.Comment, &out.Comment + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = make([]ValueObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListItemObservation. @@ -323,11 +528,38 @@ func (in *ListList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListObservation) DeepCopyInto(out *ListObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Item != nil { + in, out := &in.Item, &out.Item + *out = make([]ListItemObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListObservation. @@ -397,6 +629,7 @@ func (in *ListSpec) DeepCopyInto(out *ListSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListSpec. @@ -426,9 +659,94 @@ func (in *ListStatus) DeepCopy() *ListStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RedirectInitParameters) DeepCopyInto(out *RedirectInitParameters) { + *out = *in + if in.IncludeSubdomains != nil { + in, out := &in.IncludeSubdomains, &out.IncludeSubdomains + *out = new(string) + **out = **in + } + if in.PreservePathSuffix != nil { + in, out := &in.PreservePathSuffix, &out.PreservePathSuffix + *out = new(string) + **out = **in + } + if in.PreserveQueryString != nil { + in, out := &in.PreserveQueryString, &out.PreserveQueryString + *out = new(string) + **out = **in + } + if in.SourceURL != nil { + in, out := &in.SourceURL, &out.SourceURL + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.SubpathMatching != nil { + in, out := &in.SubpathMatching, &out.SubpathMatching + *out = new(string) + **out = **in + } + if in.TargetURL != nil { + in, out := &in.TargetURL, &out.TargetURL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectInitParameters. +func (in *RedirectInitParameters) DeepCopy() *RedirectInitParameters { + if in == nil { + return nil + } + out := new(RedirectInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RedirectObservation) DeepCopyInto(out *RedirectObservation) { *out = *in + if in.IncludeSubdomains != nil { + in, out := &in.IncludeSubdomains, &out.IncludeSubdomains + *out = new(string) + **out = **in + } + if in.PreservePathSuffix != nil { + in, out := &in.PreservePathSuffix, &out.PreservePathSuffix + *out = new(string) + **out = **in + } + if in.PreserveQueryString != nil { + in, out := &in.PreserveQueryString, &out.PreserveQueryString + *out = new(string) + **out = **in + } + if in.SourceURL != nil { + in, out := &in.SourceURL, &out.SourceURL + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.SubpathMatching != nil { + in, out := &in.SubpathMatching, &out.SubpathMatching + *out = new(string) + **out = **in + } + if in.TargetURL != nil { + in, out := &in.TargetURL, &out.TargetURL + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedirectObservation. @@ -491,9 +809,48 @@ func (in *RedirectParameters) DeepCopy() *RedirectParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ValueInitParameters) DeepCopyInto(out *ValueInitParameters) { + *out = *in + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = new(string) + **out = **in + } + if in.Redirect != nil { + in, out := &in.Redirect, &out.Redirect + *out = make([]RedirectInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueInitParameters. +func (in *ValueInitParameters) DeepCopy() *ValueInitParameters { + if in == nil { + return nil + } + out := new(ValueInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValueObservation) DeepCopyInto(out *ValueObservation) { *out = *in + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = new(string) + **out = **in + } + if in.Redirect != nil { + in, out := &in.Redirect, &out.Redirect + *out = make([]RedirectObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueObservation. diff --git a/apis/lists/v1alpha1/zz_generated.managed.go b/apis/lists/v1alpha1/zz_generated.managed.go index a37f71c..36fe5c7 100644 --- a/apis/lists/v1alpha1/zz_generated.managed.go +++ b/apis/lists/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *IPList) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this IPList. +func (mg *IPList) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this IPList. func (mg *IPList) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this IPList. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *IPList) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this IPList. func (mg *IPList) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *IPList) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this IPList. +func (mg *IPList) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this IPList. func (mg *IPList) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this IPList. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *IPList) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this IPList. func (mg *IPList) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *List) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this List. +func (mg *List) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this List. func (mg *List) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this List. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *List) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this List. func (mg *List) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *List) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this List. +func (mg *List) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this List. func (mg *List) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this List. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *List) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this List. func (mg *List) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/lists/v1alpha1/zz_generated.resolvers.go b/apis/lists/v1alpha1/zz_generated.resolvers.go index be65d3a..80788e2 100644 --- a/apis/lists/v1alpha1/zz_generated.resolvers.go +++ b/apis/lists/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *IPList) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -62,5 +78,21 @@ func (mg *List) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/lists/v1alpha1/zz_groupversion_info.go b/apis/lists/v1alpha1/zz_groupversion_info.go index b50be2c..0cc9ead 100755 --- a/apis/lists/v1alpha1/zz_groupversion_info.go +++ b/apis/lists/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/lists/v1alpha1/zz_generated_terraformed.go b/apis/lists/v1alpha1/zz_iplist_terraformed.go similarity index 54% rename from apis/lists/v1alpha1/zz_generated_terraformed.go rename to apis/lists/v1alpha1/zz_iplist_terraformed.go index 6a0f2ec..d3358ad 100755 --- a/apis/lists/v1alpha1/zz_generated_terraformed.go +++ b/apis/lists/v1alpha1/zz_iplist_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this IPList @@ -69,84 +74,50 @@ func (tr *IPList) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this IPList using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *IPList) LateInitialize(attrs []byte) (bool, error) { - params := &IPListParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *IPList) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this List -func (mg *List) GetTerraformResourceType() string { - return "cloudflare_list" -} - -// GetConnectionDetailsMapping for this List -func (tr *List) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this List -func (tr *List) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this IPList +func (tr *IPList) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this List -func (tr *List) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this IPList +func (tr *IPList) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this List -func (tr *List) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this List -func (tr *List) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this List -func (tr *List) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } -// LateInitialize this List using its observed tfState. +// LateInitialize this IPList using its observed tfState. // returns True if there are any spec changes for the resource. -func (tr *List) LateInitialize(attrs []byte) (bool, error) { - params := &ListParameters{} +func (tr *IPList) LateInitialize(attrs []byte) (bool, error) { + params := &IPListParameters{} if err := json.TFParser.Unmarshal(attrs, params); err != nil { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } @@ -157,6 +128,6 @@ func (tr *List) LateInitialize(attrs []byte) (bool, error) { } // GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *List) GetTerraformSchemaVersion() int { +func (tr *IPList) GetTerraformSchemaVersion() int { return 0 } diff --git a/apis/lists/v1alpha1/zz_iplist_types.go b/apis/lists/v1alpha1/zz_iplist_types.go index 5b919c9..71aca74 100755 --- a/apis/lists/v1alpha1/zz_iplist_types.go +++ b/apis/lists/v1alpha1/zz_iplist_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,58 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type IPListInitParameters struct { + + // The ID of the account where the IP List is being created. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // A note that can be used to annotate the List. Maximum Length: 500 + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + Item []ItemInitParameters `json:"item,omitempty" tf:"item,omitempty"` + + // The kind of values in the List. Valid values: ip. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type IPListObservation struct { + + // The ID of the account where the IP List is being created. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // A note that can be used to annotate the List. Maximum Length: 500 + Description *string `json:"description,omitempty" tf:"description,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Item []ItemObservation `json:"item,omitempty" tf:"item,omitempty"` + + // The kind of values in the List. Valid values: ip. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type IPListParameters struct { + // The ID of the account where the IP List is being created. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,29 +82,49 @@ type IPListParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // A note that can be used to annotate the List. Maximum Length: 500 // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` // +kubebuilder:validation:Optional Item []ItemParameters `json:"item,omitempty" tf:"item,omitempty"` - // +kubebuilder:validation:Required - Kind *string `json:"kind" tf:"kind,omitempty"` + // The kind of values in the List. Valid values: ip. + // +kubebuilder:validation:Optional + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + // The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + +type ItemInitParameters struct { + + // A note that can be used to annotate the item. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 CIDRs are limited to a maximum of /64. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type ItemObservation struct { + + // A note that can be used to annotate the item. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 CIDRs are limited to a maximum of /64. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type ItemParameters struct { + // A note that can be used to annotate the item. // +kubebuilder:validation:Optional Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` - // +kubebuilder:validation:Required + // The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 CIDRs are limited to a maximum of /64. + // +kubebuilder:validation:Optional Value *string `json:"value" tf:"value,omitempty"` } @@ -62,6 +132,17 @@ type ItemParameters struct { type IPListSpec struct { v1.ResourceSpec `json:",inline"` ForProvider IPListParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider IPListInitParameters `json:"initProvider,omitempty"` } // IPListStatus defines the observed state of IPList. @@ -71,19 +152,22 @@ type IPListStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// IPList is the Schema for the IPLists API. +// IPList is the Schema for the IPLists API. Provides IP Lists to be used in Firewall Rules across all zones within the same account. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type IPList struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec IPListSpec `json:"spec"` - Status IPListStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.kind) || (has(self.initProvider) && has(self.initProvider.kind))",message="spec.forProvider.kind is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec IPListSpec `json:"spec"` + Status IPListStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/lists/v1alpha1/zz_list_terraformed.go b/apis/lists/v1alpha1/zz_list_terraformed.go new file mode 100755 index 0000000..f8483c2 --- /dev/null +++ b/apis/lists/v1alpha1/zz_list_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this List +func (mg *List) GetTerraformResourceType() string { + return "cloudflare_list" +} + +// GetConnectionDetailsMapping for this List +func (tr *List) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this List +func (tr *List) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this List +func (tr *List) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this List +func (tr *List) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this List +func (tr *List) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this List +func (tr *List) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this List +func (tr *List) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this List +func (tr *List) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this List using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *List) LateInitialize(attrs []byte) (bool, error) { + params := &ListParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *List) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/lists/v1alpha1/zz_list_types.go b/apis/lists/v1alpha1/zz_list_types.go index e4ec988..87b9190 100755 --- a/apis/lists/v1alpha1/zz_list_types.go +++ b/apis/lists/v1alpha1/zz_list_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,25 +17,97 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ListInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) An optional description of the list. + // An optional description of the list. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Block Set) (see below for nested schema) + Item []ListItemInitParameters `json:"item,omitempty" tf:"item,omitempty"` + + // (String) The type of items the list will contain. + // The type of items the list will contain. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) The name of the list. Modifying this attribute will force creation of a new resource. + // The name of the list. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + +type ListItemInitParameters struct { + + // (String) An optional comment for the item. + // An optional comment for the item. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (Block List, Min: 1, Max: 1) (see below for nested schema) + Value []ValueInitParameters `json:"value,omitempty" tf:"value,omitempty"` +} + type ListItemObservation struct { + + // (String) An optional comment for the item. + // An optional comment for the item. + Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` + + // (Block List, Min: 1, Max: 1) (see below for nested schema) + Value []ValueObservation `json:"value,omitempty" tf:"value,omitempty"` } type ListItemParameters struct { + // (String) An optional comment for the item. // An optional comment for the item. // +kubebuilder:validation:Optional Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` - // +kubebuilder:validation:Required + // (Block List, Min: 1, Max: 1) (see below for nested schema) + // +kubebuilder:validation:Optional Value []ValueParameters `json:"value" tf:"value,omitempty"` } type ListObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) An optional description of the list. + // An optional description of the list. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block Set) (see below for nested schema) + Item []ListItemObservation `json:"item,omitempty" tf:"item,omitempty"` + + // (String) The type of items the list will contain. + // The type of items the list will contain. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) The name of the list. Modifying this attribute will force creation of a new resource. + // The name of the list. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type ListParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -45,64 +121,151 @@ type ListParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) An optional description of the list. // An optional description of the list. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional Item []ListItemParameters `json:"item,omitempty" tf:"item,omitempty"` + // (String) The type of items the list will contain. // The type of items the list will contain. - // +kubebuilder:validation:Required - Kind *string `json:"kind" tf:"kind,omitempty"` + // +kubebuilder:validation:Optional + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + // (String) The name of the list. Modifying this attribute will force creation of a new resource. // The name of the list. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + +type RedirectInitParameters struct { + + // (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. + // Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. + IncludeSubdomains *string `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + + // (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. + // Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. + PreservePathSuffix *string `json:"preservePathSuffix,omitempty" tf:"preserve_path_suffix,omitempty"` + + // (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. + // Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. + PreserveQueryString *string `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + + // (String) The source url of the redirect. + // The source url of the redirect. + SourceURL *string `json:"sourceUrl,omitempty" tf:"source_url,omitempty"` + + // (Number) The status code to be used when redirecting a request. + // The status code to be used when redirecting a request. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. + // Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. + SubpathMatching *string `json:"subpathMatching,omitempty" tf:"subpath_matching,omitempty"` + + // (String) The target url of the redirect. + // The target url of the redirect. + TargetURL *string `json:"targetUrl,omitempty" tf:"target_url,omitempty"` } type RedirectObservation struct { + + // (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. + // Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. + IncludeSubdomains *string `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + + // (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. + // Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. + PreservePathSuffix *string `json:"preservePathSuffix,omitempty" tf:"preserve_path_suffix,omitempty"` + + // (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. + // Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. + PreserveQueryString *string `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + + // (String) The source url of the redirect. + // The source url of the redirect. + SourceURL *string `json:"sourceUrl,omitempty" tf:"source_url,omitempty"` + + // (Number) The status code to be used when redirecting a request. + // The status code to be used when redirecting a request. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. + // Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. + SubpathMatching *string `json:"subpathMatching,omitempty" tf:"subpath_matching,omitempty"` + + // (String) The target url of the redirect. + // The target url of the redirect. + TargetURL *string `json:"targetUrl,omitempty" tf:"target_url,omitempty"` } type RedirectParameters struct { + // (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. // Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. // +kubebuilder:validation:Optional IncludeSubdomains *string `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + // (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. // Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. // +kubebuilder:validation:Optional PreservePathSuffix *string `json:"preservePathSuffix,omitempty" tf:"preserve_path_suffix,omitempty"` + // (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. // Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. // +kubebuilder:validation:Optional PreserveQueryString *string `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + // (String) The source url of the redirect. // The source url of the redirect. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional SourceURL *string `json:"sourceUrl" tf:"source_url,omitempty"` + // (Number) The status code to be used when redirecting a request. // The status code to be used when redirecting a request. // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + // (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. // Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. // +kubebuilder:validation:Optional SubpathMatching *string `json:"subpathMatching,omitempty" tf:"subpath_matching,omitempty"` + // (String) The target url of the redirect. // The target url of the redirect. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional TargetURL *string `json:"targetUrl" tf:"target_url,omitempty"` } +type ValueInitParameters struct { + + // (String) + IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (Block List) (see below for nested schema) + Redirect []RedirectInitParameters `json:"redirect,omitempty" tf:"redirect,omitempty"` +} + type ValueObservation struct { + + // (String) + IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + + // (Block List) (see below for nested schema) + Redirect []RedirectObservation `json:"redirect,omitempty" tf:"redirect,omitempty"` } type ValueParameters struct { + // (String) // +kubebuilder:validation:Optional IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Redirect []RedirectParameters `json:"redirect,omitempty" tf:"redirect,omitempty"` } @@ -111,6 +274,17 @@ type ValueParameters struct { type ListSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ListParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ListInitParameters `json:"initProvider,omitempty"` } // ListStatus defines the observed state of List. @@ -120,19 +294,22 @@ type ListStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// List is the Schema for the Lists API. +// List is the Schema for the Lists API. Provides Lists (IPs, Redirects) to be used in Edge Rules Engine across all zones within the same account. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type List struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ListSpec `json:"spec"` - Status ListStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.kind) || (has(self.initProvider) && has(self.initProvider.kind))",message="spec.forProvider.kind is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec ListSpec `json:"spec"` + Status ListStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/loadbalancer/v1alpha1/zz_generated.conversion_hubs.go b/apis/loadbalancer/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..cc6ed22 --- /dev/null +++ b/apis/loadbalancer/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *LoadBalancer) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Monitor) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Pool) Hub() {} diff --git a/apis/loadbalancer/v1alpha1/zz_generated.deepcopy.go b/apis/loadbalancer/v1alpha1/zz_generated.deepcopy.go index ad2849d..a45e340 100644 --- a/apis/loadbalancer/v1alpha1/zz_generated.deepcopy.go +++ b/apis/loadbalancer/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,34 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdaptiveRoutingInitParameters) DeepCopyInto(out *AdaptiveRoutingInitParameters) { + *out = *in + if in.FailoverAcrossPools != nil { + in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdaptiveRoutingInitParameters. +func (in *AdaptiveRoutingInitParameters) DeepCopy() *AdaptiveRoutingInitParameters { + if in == nil { + return nil + } + out := new(AdaptiveRoutingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AdaptiveRoutingObservation) DeepCopyInto(out *AdaptiveRoutingObservation) { *out = *in + if in.FailoverAcrossPools != nil { + in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdaptiveRoutingObservation. @@ -49,9 +73,68 @@ func (in *AdaptiveRoutingParameters) DeepCopy() *AdaptiveRoutingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CountryPoolsInitParameters) DeepCopyInto(out *CountryPoolsInitParameters) { + *out = *in + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PoolIdsRefs != nil { + in, out := &in.PoolIdsRefs, &out.PoolIdsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PoolIdsSelector != nil { + in, out := &in.PoolIdsSelector, &out.PoolIdsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CountryPoolsInitParameters. +func (in *CountryPoolsInitParameters) DeepCopy() *CountryPoolsInitParameters { + if in == nil { + return nil + } + out := new(CountryPoolsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CountryPoolsObservation) DeepCopyInto(out *CountryPoolsObservation) { *out = *in + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CountryPoolsObservation. @@ -107,9 +190,64 @@ func (in *CountryPoolsParameters) DeepCopy() *CountryPoolsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FixedResponseInitParameters) DeepCopyInto(out *FixedResponseInitParameters) { + *out = *in + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } + if in.MessageBody != nil { + in, out := &in.MessageBody, &out.MessageBody + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FixedResponseInitParameters. +func (in *FixedResponseInitParameters) DeepCopy() *FixedResponseInitParameters { + if in == nil { + return nil + } + out := new(FixedResponseInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FixedResponseObservation) DeepCopyInto(out *FixedResponseObservation) { *out = *in + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } + if in.MessageBody != nil { + in, out := &in.MessageBody, &out.MessageBody + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FixedResponseObservation. @@ -157,9 +295,56 @@ func (in *FixedResponseParameters) DeepCopy() *FixedResponseParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderInitParameters) DeepCopyInto(out *HeaderInitParameters) { + *out = *in + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderInitParameters. +func (in *HeaderInitParameters) DeepCopy() *HeaderInitParameters { + if in == nil { + return nil + } + out := new(HeaderInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { *out = *in + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderObservation. @@ -231,80 +416,18 @@ func (in *LoadBalancer) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerList) DeepCopyInto(out *LoadBalancerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LoadBalancer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerList. -func (in *LoadBalancerList) DeepCopy() *LoadBalancerList { - if in == nil { - return nil - } - out := new(LoadBalancerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LoadBalancerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerObservation) DeepCopyInto(out *LoadBalancerObservation) { - *out = *in - if in.CreatedOn != nil { - in, out := &in.CreatedOn, &out.CreatedOn - *out = new(string) - **out = **in - } - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } - if in.ModifiedOn != nil { - in, out := &in.ModifiedOn, &out.ModifiedOn - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerObservation. -func (in *LoadBalancerObservation) DeepCopy() *LoadBalancerObservation { - if in == nil { - return nil - } - out := new(LoadBalancerObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { +func (in *LoadBalancerInitParameters) DeepCopyInto(out *LoadBalancerInitParameters) { *out = *in if in.AdaptiveRouting != nil { in, out := &in.AdaptiveRouting, &out.AdaptiveRouting - *out = make([]AdaptiveRoutingParameters, len(*in)) + *out = make([]AdaptiveRoutingInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.CountryPools != nil { in, out := &in.CountryPools, &out.CountryPools - *out = make([]CountryPoolsParameters, len(*in)) + *out = make([]CountryPoolsInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -359,7 +482,7 @@ func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { } if in.LocationStrategy != nil { in, out := &in.LocationStrategy, &out.LocationStrategy - *out = make([]LocationStrategyParameters, len(*in)) + *out = make([]LocationStrategyInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -371,7 +494,7 @@ func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { } if in.PopPools != nil { in, out := &in.PopPools, &out.PopPools - *out = make([]PopPoolsParameters, len(*in)) + *out = make([]PopPoolsInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -383,21 +506,21 @@ func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { } if in.RandomSteering != nil { in, out := &in.RandomSteering, &out.RandomSteering - *out = make([]RandomSteeringParameters, len(*in)) + *out = make([]RandomSteeringInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.RegionPools != nil { in, out := &in.RegionPools, &out.RegionPools - *out = make([]RegionPoolsParameters, len(*in)) + *out = make([]RegionPoolsInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.Rules != nil { in, out := &in.Rules, &out.Rules - *out = make([]RulesParameters, len(*in)) + *out = make([]RulesInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -415,7 +538,8 @@ func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -454,21 +578,383 @@ func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerParameters. -func (in *LoadBalancerParameters) DeepCopy() *LoadBalancerParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerInitParameters. +func (in *LoadBalancerInitParameters) DeepCopy() *LoadBalancerInitParameters { if in == nil { return nil } - out := new(LoadBalancerParameters) + out := new(LoadBalancerInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerSpec) DeepCopyInto(out *LoadBalancerSpec) { +func (in *LoadBalancerList) DeepCopyInto(out *LoadBalancerList) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]LoadBalancer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerList. +func (in *LoadBalancerList) DeepCopy() *LoadBalancerList { + if in == nil { + return nil + } + out := new(LoadBalancerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LoadBalancerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadBalancerObservation) DeepCopyInto(out *LoadBalancerObservation) { + *out = *in + if in.AdaptiveRouting != nil { + in, out := &in.AdaptiveRouting, &out.AdaptiveRouting + *out = make([]AdaptiveRoutingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CountryPools != nil { + in, out := &in.CountryPools, &out.CountryPools + *out = make([]CountryPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CreatedOn != nil { + in, out := &in.CreatedOn, &out.CreatedOn + *out = new(string) + **out = **in + } + if in.DefaultPoolIds != nil { + in, out := &in.DefaultPoolIds, &out.DefaultPoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.FallbackPoolID != nil { + in, out := &in.FallbackPoolID, &out.FallbackPoolID + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.LocationStrategy != nil { + in, out := &in.LocationStrategy, &out.LocationStrategy + *out = make([]LocationStrategyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ModifiedOn != nil { + in, out := &in.ModifiedOn, &out.ModifiedOn + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PopPools != nil { + in, out := &in.PopPools, &out.PopPools + *out = make([]PopPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Proxied != nil { + in, out := &in.Proxied, &out.Proxied + *out = new(bool) + **out = **in + } + if in.RandomSteering != nil { + in, out := &in.RandomSteering, &out.RandomSteering + *out = make([]RandomSteeringObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RegionPools != nil { + in, out := &in.RegionPools, &out.RegionPools + *out = make([]RegionPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]RulesObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SessionAffinity != nil { + in, out := &in.SessionAffinity, &out.SessionAffinity + *out = new(string) + **out = **in + } + if in.SessionAffinityAttributes != nil { + in, out := &in.SessionAffinityAttributes, &out.SessionAffinityAttributes + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.SessionAffinityTTL != nil { + in, out := &in.SessionAffinityTTL, &out.SessionAffinityTTL + *out = new(float64) + **out = **in + } + if in.SteeringPolicy != nil { + in, out := &in.SteeringPolicy, &out.SteeringPolicy + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerObservation. +func (in *LoadBalancerObservation) DeepCopy() *LoadBalancerObservation { + if in == nil { + return nil + } + out := new(LoadBalancerObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadBalancerParameters) DeepCopyInto(out *LoadBalancerParameters) { + *out = *in + if in.AdaptiveRouting != nil { + in, out := &in.AdaptiveRouting, &out.AdaptiveRouting + *out = make([]AdaptiveRoutingParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CountryPools != nil { + in, out := &in.CountryPools, &out.CountryPools + *out = make([]CountryPoolsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DefaultPoolIds != nil { + in, out := &in.DefaultPoolIds, &out.DefaultPoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.DefaultPoolIdsRefs != nil { + in, out := &in.DefaultPoolIdsRefs, &out.DefaultPoolIdsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DefaultPoolIdsSelector != nil { + in, out := &in.DefaultPoolIdsSelector, &out.DefaultPoolIdsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.FallbackPoolID != nil { + in, out := &in.FallbackPoolID, &out.FallbackPoolID + *out = new(string) + **out = **in + } + if in.FallbackPoolIDRef != nil { + in, out := &in.FallbackPoolIDRef, &out.FallbackPoolIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.FallbackPoolIDSelector != nil { + in, out := &in.FallbackPoolIDSelector, &out.FallbackPoolIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.LocationStrategy != nil { + in, out := &in.LocationStrategy, &out.LocationStrategy + *out = make([]LocationStrategyParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PopPools != nil { + in, out := &in.PopPools, &out.PopPools + *out = make([]PopPoolsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Proxied != nil { + in, out := &in.Proxied, &out.Proxied + *out = new(bool) + **out = **in + } + if in.RandomSteering != nil { + in, out := &in.RandomSteering, &out.RandomSteering + *out = make([]RandomSteeringParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RegionPools != nil { + in, out := &in.RegionPools, &out.RegionPools + *out = make([]RegionPoolsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]RulesParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SessionAffinity != nil { + in, out := &in.SessionAffinity, &out.SessionAffinity + *out = new(string) + **out = **in + } + if in.SessionAffinityAttributes != nil { + in, out := &in.SessionAffinityAttributes, &out.SessionAffinityAttributes + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.SessionAffinityTTL != nil { + in, out := &in.SessionAffinityTTL, &out.SessionAffinityTTL + *out = new(float64) + **out = **in + } + if in.SteeringPolicy != nil { + in, out := &in.SteeringPolicy, &out.SteeringPolicy + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerParameters. +func (in *LoadBalancerParameters) DeepCopy() *LoadBalancerParameters { + if in == nil { + return nil + } + out := new(LoadBalancerParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadBalancerSpec) DeepCopyInto(out *LoadBalancerSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerSpec. @@ -476,403 +962,993 @@ func (in *LoadBalancerSpec) DeepCopy() *LoadBalancerSpec { if in == nil { return nil } - out := new(LoadBalancerSpec) + out := new(LoadBalancerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadBalancerStatus) DeepCopyInto(out *LoadBalancerStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerStatus. +func (in *LoadBalancerStatus) DeepCopy() *LoadBalancerStatus { + if in == nil { + return nil + } + out := new(LoadBalancerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadSheddingInitParameters) DeepCopyInto(out *LoadSheddingInitParameters) { + *out = *in + if in.DefaultPercent != nil { + in, out := &in.DefaultPercent, &out.DefaultPercent + *out = new(float64) + **out = **in + } + if in.DefaultPolicy != nil { + in, out := &in.DefaultPolicy, &out.DefaultPolicy + *out = new(string) + **out = **in + } + if in.SessionPercent != nil { + in, out := &in.SessionPercent, &out.SessionPercent + *out = new(float64) + **out = **in + } + if in.SessionPolicy != nil { + in, out := &in.SessionPolicy, &out.SessionPolicy + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadSheddingInitParameters. +func (in *LoadSheddingInitParameters) DeepCopy() *LoadSheddingInitParameters { + if in == nil { + return nil + } + out := new(LoadSheddingInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadSheddingObservation) DeepCopyInto(out *LoadSheddingObservation) { + *out = *in + if in.DefaultPercent != nil { + in, out := &in.DefaultPercent, &out.DefaultPercent + *out = new(float64) + **out = **in + } + if in.DefaultPolicy != nil { + in, out := &in.DefaultPolicy, &out.DefaultPolicy + *out = new(string) + **out = **in + } + if in.SessionPercent != nil { + in, out := &in.SessionPercent, &out.SessionPercent + *out = new(float64) + **out = **in + } + if in.SessionPolicy != nil { + in, out := &in.SessionPolicy, &out.SessionPolicy + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadSheddingObservation. +func (in *LoadSheddingObservation) DeepCopy() *LoadSheddingObservation { + if in == nil { + return nil + } + out := new(LoadSheddingObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadSheddingParameters) DeepCopyInto(out *LoadSheddingParameters) { + *out = *in + if in.DefaultPercent != nil { + in, out := &in.DefaultPercent, &out.DefaultPercent + *out = new(float64) + **out = **in + } + if in.DefaultPolicy != nil { + in, out := &in.DefaultPolicy, &out.DefaultPolicy + *out = new(string) + **out = **in + } + if in.SessionPercent != nil { + in, out := &in.SessionPercent, &out.SessionPercent + *out = new(float64) + **out = **in + } + if in.SessionPolicy != nil { + in, out := &in.SessionPolicy, &out.SessionPolicy + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadSheddingParameters. +func (in *LoadSheddingParameters) DeepCopy() *LoadSheddingParameters { + if in == nil { + return nil + } + out := new(LoadSheddingParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationStrategyInitParameters) DeepCopyInto(out *LocationStrategyInitParameters) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PreferEcs != nil { + in, out := &in.PreferEcs, &out.PreferEcs + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationStrategyInitParameters. +func (in *LocationStrategyInitParameters) DeepCopy() *LocationStrategyInitParameters { + if in == nil { + return nil + } + out := new(LocationStrategyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationStrategyObservation) DeepCopyInto(out *LocationStrategyObservation) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PreferEcs != nil { + in, out := &in.PreferEcs, &out.PreferEcs + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationStrategyObservation. +func (in *LocationStrategyObservation) DeepCopy() *LocationStrategyObservation { + if in == nil { + return nil + } + out := new(LocationStrategyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationStrategyParameters) DeepCopyInto(out *LocationStrategyParameters) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PreferEcs != nil { + in, out := &in.PreferEcs, &out.PreferEcs + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationStrategyParameters. +func (in *LocationStrategyParameters) DeepCopy() *LocationStrategyParameters { + if in == nil { + return nil + } + out := new(LocationStrategyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Monitor) DeepCopyInto(out *Monitor) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Monitor. +func (in *Monitor) DeepCopy() *Monitor { + if in == nil { + return nil + } + out := new(Monitor) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Monitor) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitorInitParameters) DeepCopyInto(out *MonitorInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AllowInsecure != nil { + in, out := &in.AllowInsecure, &out.AllowInsecure + *out = new(bool) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.ExpectedBody != nil { + in, out := &in.ExpectedBody, &out.ExpectedBody + *out = new(string) + **out = **in + } + if in.ExpectedCodes != nil { + in, out := &in.ExpectedCodes, &out.ExpectedCodes + *out = new(string) + **out = **in + } + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) + **out = **in + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(float64) + **out = **in + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } + if in.ProbeZone != nil { + in, out := &in.ProbeZone, &out.ProbeZone + *out = new(string) + **out = **in + } + if in.Retries != nil { + in, out := &in.Retries, &out.Retries + *out = new(float64) + **out = **in + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorInitParameters. +func (in *MonitorInitParameters) DeepCopy() *MonitorInitParameters { + if in == nil { + return nil + } + out := new(MonitorInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitorList) DeepCopyInto(out *MonitorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Monitor, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorList. +func (in *MonitorList) DeepCopy() *MonitorList { + if in == nil { + return nil + } + out := new(MonitorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MonitorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitorObservation) DeepCopyInto(out *MonitorObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AllowInsecure != nil { + in, out := &in.AllowInsecure, &out.AllowInsecure + *out = new(bool) + **out = **in + } + if in.CreatedOn != nil { + in, out := &in.CreatedOn, &out.CreatedOn + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.ExpectedBody != nil { + in, out := &in.ExpectedBody, &out.ExpectedBody + *out = new(string) + **out = **in + } + if in.ExpectedCodes != nil { + in, out := &in.ExpectedCodes, &out.ExpectedCodes + *out = new(string) + **out = **in + } + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) + **out = **in + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(float64) + **out = **in + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(string) + **out = **in + } + if in.ModifiedOn != nil { + in, out := &in.ModifiedOn, &out.ModifiedOn + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } + if in.ProbeZone != nil { + in, out := &in.ProbeZone, &out.ProbeZone + *out = new(string) + **out = **in + } + if in.Retries != nil { + in, out := &in.Retries, &out.Retries + *out = new(float64) + **out = **in + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorObservation. +func (in *MonitorObservation) DeepCopy() *MonitorObservation { + if in == nil { + return nil + } + out := new(MonitorObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitorParameters) DeepCopyInto(out *MonitorParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AllowInsecure != nil { + in, out := &in.AllowInsecure, &out.AllowInsecure + *out = new(bool) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.ExpectedBody != nil { + in, out := &in.ExpectedBody, &out.ExpectedBody + *out = new(string) + **out = **in + } + if in.ExpectedCodes != nil { + in, out := &in.ExpectedCodes, &out.ExpectedCodes + *out = new(string) + **out = **in + } + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) + **out = **in + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(float64) + **out = **in + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } + if in.ProbeZone != nil { + in, out := &in.ProbeZone, &out.ProbeZone + *out = new(string) + **out = **in + } + if in.Retries != nil { + in, out := &in.Retries, &out.Retries + *out = new(float64) + **out = **in + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorParameters. +func (in *MonitorParameters) DeepCopy() *MonitorParameters { + if in == nil { + return nil + } + out := new(MonitorParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerStatus) DeepCopyInto(out *LoadBalancerStatus) { +func (in *MonitorSpec) DeepCopyInto(out *MonitorSpec) { *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerStatus. -func (in *LoadBalancerStatus) DeepCopy() *LoadBalancerStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorSpec. +func (in *MonitorSpec) DeepCopy() *MonitorSpec { if in == nil { return nil } - out := new(LoadBalancerStatus) + out := new(MonitorSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadSheddingObservation) DeepCopyInto(out *LoadSheddingObservation) { +func (in *MonitorStatus) DeepCopyInto(out *MonitorStatus) { *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadSheddingObservation. -func (in *LoadSheddingObservation) DeepCopy() *LoadSheddingObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorStatus. +func (in *MonitorStatus) DeepCopy() *MonitorStatus { if in == nil { return nil } - out := new(LoadSheddingObservation) + out := new(MonitorStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadSheddingParameters) DeepCopyInto(out *LoadSheddingParameters) { +func (in *OriginSteeringInitParameters) DeepCopyInto(out *OriginSteeringInitParameters) { *out = *in - if in.DefaultPercent != nil { - in, out := &in.DefaultPercent, &out.DefaultPercent - *out = new(float64) - **out = **in - } - if in.DefaultPolicy != nil { - in, out := &in.DefaultPolicy, &out.DefaultPolicy - *out = new(string) - **out = **in - } - if in.SessionPercent != nil { - in, out := &in.SessionPercent, &out.SessionPercent - *out = new(float64) - **out = **in - } - if in.SessionPolicy != nil { - in, out := &in.SessionPolicy, &out.SessionPolicy + if in.Policy != nil { + in, out := &in.Policy, &out.Policy *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadSheddingParameters. -func (in *LoadSheddingParameters) DeepCopy() *LoadSheddingParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginSteeringInitParameters. +func (in *OriginSteeringInitParameters) DeepCopy() *OriginSteeringInitParameters { if in == nil { return nil } - out := new(LoadSheddingParameters) + out := new(OriginSteeringInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LocationStrategyObservation) DeepCopyInto(out *LocationStrategyObservation) { +func (in *OriginSteeringObservation) DeepCopyInto(out *OriginSteeringObservation) { *out = *in + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationStrategyObservation. -func (in *LocationStrategyObservation) DeepCopy() *LocationStrategyObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginSteeringObservation. +func (in *OriginSteeringObservation) DeepCopy() *OriginSteeringObservation { if in == nil { return nil } - out := new(LocationStrategyObservation) + out := new(OriginSteeringObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LocationStrategyParameters) DeepCopyInto(out *LocationStrategyParameters) { +func (in *OriginSteeringParameters) DeepCopyInto(out *OriginSteeringParameters) { *out = *in - if in.Mode != nil { - in, out := &in.Mode, &out.Mode - *out = new(string) - **out = **in - } - if in.PreferEcs != nil { - in, out := &in.PreferEcs, &out.PreferEcs + if in.Policy != nil { + in, out := &in.Policy, &out.Policy *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationStrategyParameters. -func (in *LocationStrategyParameters) DeepCopy() *LocationStrategyParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginSteeringParameters. +func (in *OriginSteeringParameters) DeepCopy() *OriginSteeringParameters { if in == nil { return nil } - out := new(LocationStrategyParameters) + out := new(OriginSteeringParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Monitor) DeepCopyInto(out *Monitor) { +func (in *OriginsHeaderInitParameters) DeepCopyInto(out *OriginsHeaderInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Monitor. -func (in *Monitor) DeepCopy() *Monitor { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsHeaderInitParameters. +func (in *OriginsHeaderInitParameters) DeepCopy() *OriginsHeaderInitParameters { if in == nil { return nil } - out := new(Monitor) + out := new(OriginsHeaderInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Monitor) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorList) DeepCopyInto(out *MonitorList) { +func (in *OriginsHeaderObservation) DeepCopyInto(out *OriginsHeaderObservation) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Monitor, len(*in)) + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorList. -func (in *MonitorList) DeepCopy() *MonitorList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsHeaderObservation. +func (in *OriginsHeaderObservation) DeepCopy() *OriginsHeaderObservation { if in == nil { return nil } - out := new(MonitorList) + out := new(OriginsHeaderObservation) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MonitorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorObservation) DeepCopyInto(out *MonitorObservation) { +func (in *OriginsHeaderParameters) DeepCopyInto(out *OriginsHeaderParameters) { *out = *in - if in.CreatedOn != nil { - in, out := &in.CreatedOn, &out.CreatedOn - *out = new(string) - **out = **in - } - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.Header != nil { + in, out := &in.Header, &out.Header *out = new(string) **out = **in } - if in.ModifiedOn != nil { - in, out := &in.ModifiedOn, &out.ModifiedOn - *out = new(string) - **out = **in + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorObservation. -func (in *MonitorObservation) DeepCopy() *MonitorObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsHeaderParameters. +func (in *OriginsHeaderParameters) DeepCopy() *OriginsHeaderParameters { if in == nil { return nil } - out := new(MonitorObservation) + out := new(OriginsHeaderParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorParameters) DeepCopyInto(out *MonitorParameters) { +func (in *OriginsInitParameters) DeepCopyInto(out *OriginsInitParameters) { *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID + if in.Address != nil { + in, out := &in.Address, &out.Address *out = new(string) **out = **in } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } - if in.AllowInsecure != nil { - in, out := &in.AllowInsecure, &out.AllowInsecure + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled *out = new(bool) **out = **in } - if in.Description != nil { - in, out := &in.Description, &out.Description + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]OriginsHeaderInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.ExpectedBody != nil { - in, out := &in.ExpectedBody, &out.ExpectedBody - *out = new(string) + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) **out = **in } - if in.ExpectedCodes != nil { - in, out := &in.ExpectedCodes, &out.ExpectedCodes +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsInitParameters. +func (in *OriginsInitParameters) DeepCopy() *OriginsInitParameters { + if in == nil { + return nil + } + out := new(OriginsInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginsObservation) DeepCopyInto(out *OriginsObservation) { + *out = *in + if in.Address != nil { + in, out := &in.Address, &out.Address *out = new(string) **out = **in } - if in.FollowRedirects != nil { - in, out := &in.FollowRedirects, &out.FollowRedirects + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled *out = new(bool) **out = **in } if in.Header != nil { in, out := &in.Header, &out.Header - *out = make([]HeaderParameters, len(*in)) + *out = make([]OriginsHeaderObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Interval != nil { - in, out := &in.Interval, &out.Interval - *out = new(float64) - **out = **in - } - if in.Method != nil { - in, out := &in.Method, &out.Method - *out = new(string) - **out = **in - } - if in.Path != nil { - in, out := &in.Path, &out.Path - *out = new(string) - **out = **in - } - if in.Port != nil { - in, out := &in.Port, &out.Port - *out = new(float64) - **out = **in - } - if in.ProbeZone != nil { - in, out := &in.ProbeZone, &out.ProbeZone + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.Retries != nil { - in, out := &in.Retries, &out.Retries - *out = new(float64) - **out = **in - } - if in.Timeout != nil { - in, out := &in.Timeout, &out.Timeout + if in.Weight != nil { + in, out := &in.Weight, &out.Weight *out = new(float64) **out = **in } - if in.Type != nil { - in, out := &in.Type, &out.Type - *out = new(string) - **out = **in - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorParameters. -func (in *MonitorParameters) DeepCopy() *MonitorParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsObservation. +func (in *OriginsObservation) DeepCopy() *OriginsObservation { if in == nil { return nil } - out := new(MonitorParameters) + out := new(OriginsObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorSpec) DeepCopyInto(out *MonitorSpec) { +func (in *OriginsParameters) DeepCopyInto(out *OriginsParameters) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + if in.Address != nil { + in, out := &in.Address, &out.Address + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]OriginsHeaderParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorSpec. -func (in *MonitorSpec) DeepCopy() *MonitorSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsParameters. +func (in *OriginsParameters) DeepCopy() *OriginsParameters { if in == nil { return nil } - out := new(MonitorSpec) + out := new(OriginsParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorStatus) DeepCopyInto(out *MonitorStatus) { +func (in *OverridesAdaptiveRoutingInitParameters) DeepCopyInto(out *OverridesAdaptiveRoutingInitParameters) { *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) + if in.FailoverAcrossPools != nil { + in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorStatus. -func (in *MonitorStatus) DeepCopy() *MonitorStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesAdaptiveRoutingInitParameters. +func (in *OverridesAdaptiveRoutingInitParameters) DeepCopy() *OverridesAdaptiveRoutingInitParameters { if in == nil { return nil } - out := new(MonitorStatus) + out := new(OverridesAdaptiveRoutingInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginSteeringObservation) DeepCopyInto(out *OriginSteeringObservation) { +func (in *OverridesAdaptiveRoutingObservation) DeepCopyInto(out *OverridesAdaptiveRoutingObservation) { *out = *in + if in.FailoverAcrossPools != nil { + in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginSteeringObservation. -func (in *OriginSteeringObservation) DeepCopy() *OriginSteeringObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesAdaptiveRoutingObservation. +func (in *OverridesAdaptiveRoutingObservation) DeepCopy() *OverridesAdaptiveRoutingObservation { if in == nil { return nil } - out := new(OriginSteeringObservation) + out := new(OverridesAdaptiveRoutingObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginSteeringParameters) DeepCopyInto(out *OriginSteeringParameters) { +func (in *OverridesAdaptiveRoutingParameters) DeepCopyInto(out *OverridesAdaptiveRoutingParameters) { *out = *in - if in.Policy != nil { - in, out := &in.Policy, &out.Policy - *out = new(string) + if in.FailoverAcrossPools != nil { + in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools + *out = new(bool) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginSteeringParameters. -func (in *OriginSteeringParameters) DeepCopy() *OriginSteeringParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesAdaptiveRoutingParameters. +func (in *OverridesAdaptiveRoutingParameters) DeepCopy() *OverridesAdaptiveRoutingParameters { if in == nil { return nil } - out := new(OriginSteeringParameters) + out := new(OverridesAdaptiveRoutingParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginsHeaderObservation) DeepCopyInto(out *OriginsHeaderObservation) { +func (in *OverridesCountryPoolsInitParameters) DeepCopyInto(out *OverridesCountryPoolsInitParameters) { *out = *in + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsHeaderObservation. -func (in *OriginsHeaderObservation) DeepCopy() *OriginsHeaderObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesCountryPoolsInitParameters. +func (in *OverridesCountryPoolsInitParameters) DeepCopy() *OverridesCountryPoolsInitParameters { if in == nil { return nil } - out := new(OriginsHeaderObservation) + out := new(OverridesCountryPoolsInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginsHeaderParameters) DeepCopyInto(out *OriginsHeaderParameters) { +func (in *OverridesCountryPoolsObservation) DeepCopyInto(out *OverridesCountryPoolsObservation) { *out = *in - if in.Header != nil { - in, out := &in.Header, &out.Header + if in.Country != nil { + in, out := &in.Country, &out.Country *out = new(string) **out = **in } - if in.Values != nil { - in, out := &in.Values, &out.Values + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -884,157 +1960,194 @@ func (in *OriginsHeaderParameters) DeepCopyInto(out *OriginsHeaderParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsHeaderParameters. -func (in *OriginsHeaderParameters) DeepCopy() *OriginsHeaderParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesCountryPoolsObservation. +func (in *OverridesCountryPoolsObservation) DeepCopy() *OverridesCountryPoolsObservation { if in == nil { return nil } - out := new(OriginsHeaderParameters) + out := new(OverridesCountryPoolsObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginsObservation) DeepCopyInto(out *OriginsObservation) { +func (in *OverridesCountryPoolsParameters) DeepCopyInto(out *OverridesCountryPoolsParameters) { *out = *in + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsObservation. -func (in *OriginsObservation) DeepCopy() *OriginsObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesCountryPoolsParameters. +func (in *OverridesCountryPoolsParameters) DeepCopy() *OverridesCountryPoolsParameters { if in == nil { return nil } - out := new(OriginsObservation) + out := new(OverridesCountryPoolsParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OriginsParameters) DeepCopyInto(out *OriginsParameters) { +func (in *OverridesInitParameters) DeepCopyInto(out *OverridesInitParameters) { *out = *in - if in.Address != nil { - in, out := &in.Address, &out.Address + if in.AdaptiveRouting != nil { + in, out := &in.AdaptiveRouting, &out.AdaptiveRouting + *out = make([]OverridesAdaptiveRoutingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CountryPools != nil { + in, out := &in.CountryPools, &out.CountryPools + *out = make([]OverridesCountryPoolsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DefaultPools != nil { + in, out := &in.DefaultPools, &out.DefaultPools + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.FallbackPool != nil { + in, out := &in.FallbackPool, &out.FallbackPool + *out = new(string) + **out = **in + } + if in.LocationStrategy != nil { + in, out := &in.LocationStrategy, &out.LocationStrategy + *out = make([]OverridesLocationStrategyInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PopPools != nil { + in, out := &in.PopPools, &out.PopPools + *out = make([]OverridesPopPoolsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RandomSteering != nil { + in, out := &in.RandomSteering, &out.RandomSteering + *out = make([]OverridesRandomSteeringInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RegionPools != nil { + in, out := &in.RegionPools, &out.RegionPools + *out = make([]OverridesRegionPoolsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SessionAffinity != nil { + in, out := &in.SessionAffinity, &out.SessionAffinity *out = new(string) **out = **in } - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) + if in.SessionAffinityAttributes != nil { + in, out := &in.SessionAffinityAttributes, &out.SessionAffinityAttributes + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.SessionAffinityTTL != nil { + in, out := &in.SessionAffinityTTL, &out.SessionAffinityTTL + *out = new(float64) **out = **in } - if in.Header != nil { - in, out := &in.Header, &out.Header - *out = make([]OriginsHeaderParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Name != nil { - in, out := &in.Name, &out.Name + if in.SteeringPolicy != nil { + in, out := &in.SteeringPolicy, &out.SteeringPolicy *out = new(string) **out = **in } - if in.Weight != nil { - in, out := &in.Weight, &out.Weight + if in.TTL != nil { + in, out := &in.TTL, &out.TTL *out = new(float64) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginsParameters. -func (in *OriginsParameters) DeepCopy() *OriginsParameters { - if in == nil { - return nil - } - out := new(OriginsParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesAdaptiveRoutingObservation) DeepCopyInto(out *OverridesAdaptiveRoutingObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesAdaptiveRoutingObservation. -func (in *OverridesAdaptiveRoutingObservation) DeepCopy() *OverridesAdaptiveRoutingObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesInitParameters. +func (in *OverridesInitParameters) DeepCopy() *OverridesInitParameters { if in == nil { return nil } - out := new(OverridesAdaptiveRoutingObservation) + out := new(OverridesInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesAdaptiveRoutingParameters) DeepCopyInto(out *OverridesAdaptiveRoutingParameters) { +func (in *OverridesLocationStrategyInitParameters) DeepCopyInto(out *OverridesLocationStrategyInitParameters) { *out = *in - if in.FailoverAcrossPools != nil { - in, out := &in.FailoverAcrossPools, &out.FailoverAcrossPools - *out = new(bool) + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesAdaptiveRoutingParameters. -func (in *OverridesAdaptiveRoutingParameters) DeepCopy() *OverridesAdaptiveRoutingParameters { - if in == nil { - return nil + if in.PreferEcs != nil { + in, out := &in.PreferEcs, &out.PreferEcs + *out = new(string) + **out = **in } - out := new(OverridesAdaptiveRoutingParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesCountryPoolsObservation) DeepCopyInto(out *OverridesCountryPoolsObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesCountryPoolsObservation. -func (in *OverridesCountryPoolsObservation) DeepCopy() *OverridesCountryPoolsObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesLocationStrategyInitParameters. +func (in *OverridesLocationStrategyInitParameters) DeepCopy() *OverridesLocationStrategyInitParameters { if in == nil { return nil } - out := new(OverridesCountryPoolsObservation) + out := new(OverridesLocationStrategyInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesCountryPoolsParameters) DeepCopyInto(out *OverridesCountryPoolsParameters) { +func (in *OverridesLocationStrategyObservation) DeepCopyInto(out *OverridesLocationStrategyObservation) { *out = *in - if in.Country != nil { - in, out := &in.Country, &out.Country + if in.Mode != nil { + in, out := &in.Mode, &out.Mode *out = new(string) **out = **in } - if in.PoolIds != nil { - in, out := &in.PoolIds, &out.PoolIds - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesCountryPoolsParameters. -func (in *OverridesCountryPoolsParameters) DeepCopy() *OverridesCountryPoolsParameters { - if in == nil { - return nil + if in.PreferEcs != nil { + in, out := &in.PreferEcs, &out.PreferEcs + *out = new(string) + **out = **in } - out := new(OverridesCountryPoolsParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesLocationStrategyObservation) DeepCopyInto(out *OverridesLocationStrategyObservation) { - *out = *in } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesLocationStrategyObservation. @@ -1075,6 +2188,100 @@ func (in *OverridesLocationStrategyParameters) DeepCopy() *OverridesLocationStra // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesObservation) DeepCopyInto(out *OverridesObservation) { *out = *in + if in.AdaptiveRouting != nil { + in, out := &in.AdaptiveRouting, &out.AdaptiveRouting + *out = make([]OverridesAdaptiveRoutingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CountryPools != nil { + in, out := &in.CountryPools, &out.CountryPools + *out = make([]OverridesCountryPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DefaultPools != nil { + in, out := &in.DefaultPools, &out.DefaultPools + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.FallbackPool != nil { + in, out := &in.FallbackPool, &out.FallbackPool + *out = new(string) + **out = **in + } + if in.LocationStrategy != nil { + in, out := &in.LocationStrategy, &out.LocationStrategy + *out = make([]OverridesLocationStrategyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PopPools != nil { + in, out := &in.PopPools, &out.PopPools + *out = make([]OverridesPopPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RandomSteering != nil { + in, out := &in.RandomSteering, &out.RandomSteering + *out = make([]OverridesRandomSteeringObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RegionPools != nil { + in, out := &in.RegionPools, &out.RegionPools + *out = make([]OverridesRegionPoolsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SessionAffinity != nil { + in, out := &in.SessionAffinity, &out.SessionAffinity + *out = new(string) + **out = **in + } + if in.SessionAffinityAttributes != nil { + in, out := &in.SessionAffinityAttributes, &out.SessionAffinityAttributes + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.SessionAffinityTTL != nil { + in, out := &in.SessionAffinityTTL, &out.SessionAffinityTTL + *out = new(float64) + **out = **in + } + if in.SteeringPolicy != nil { + in, out := &in.SteeringPolicy, &out.SteeringPolicy + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesObservation. @@ -1161,7 +2368,8 @@ func (in *OverridesParameters) DeepCopyInto(out *OverridesParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -1195,9 +2403,56 @@ func (in *OverridesParameters) DeepCopy() *OverridesParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverridesPopPoolsInitParameters) DeepCopyInto(out *OverridesPopPoolsInitParameters) { + *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Pop != nil { + in, out := &in.Pop, &out.Pop + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesPopPoolsInitParameters. +func (in *OverridesPopPoolsInitParameters) DeepCopy() *OverridesPopPoolsInitParameters { + if in == nil { + return nil + } + out := new(OverridesPopPoolsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesPopPoolsObservation) DeepCopyInto(out *OverridesPopPoolsObservation) { *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Pop != nil { + in, out := &in.Pop, &out.Pop + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesPopPoolsObservation. @@ -1224,19 +2479,55 @@ func (in *OverridesPopPoolsParameters) DeepCopyInto(out *OverridesPopPoolsParame } } } - if in.Pop != nil { - in, out := &in.Pop, &out.Pop - *out = new(string) - **out = **in - } + if in.Pop != nil { + in, out := &in.Pop, &out.Pop + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesPopPoolsParameters. +func (in *OverridesPopPoolsParameters) DeepCopy() *OverridesPopPoolsParameters { + if in == nil { + return nil + } + out := new(OverridesPopPoolsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverridesRandomSteeringInitParameters) DeepCopyInto(out *OverridesRandomSteeringInitParameters) { + *out = *in + if in.DefaultWeight != nil { + in, out := &in.DefaultWeight, &out.DefaultWeight + *out = new(float64) + **out = **in + } + if in.PoolWeights != nil { + in, out := &in.PoolWeights, &out.PoolWeights + *out = make(map[string]*float64, len(*in)) + for key, val := range *in { + var outVal *float64 + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(float64) + **out = **in + } + (*out)[key] = outVal + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesPopPoolsParameters. -func (in *OverridesPopPoolsParameters) DeepCopy() *OverridesPopPoolsParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRandomSteeringInitParameters. +func (in *OverridesRandomSteeringInitParameters) DeepCopy() *OverridesRandomSteeringInitParameters { if in == nil { return nil } - out := new(OverridesPopPoolsParameters) + out := new(OverridesRandomSteeringInitParameters) in.DeepCopyInto(out) return out } @@ -1244,6 +2535,27 @@ func (in *OverridesPopPoolsParameters) DeepCopy() *OverridesPopPoolsParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesRandomSteeringObservation) DeepCopyInto(out *OverridesRandomSteeringObservation) { *out = *in + if in.DefaultWeight != nil { + in, out := &in.DefaultWeight, &out.DefaultWeight + *out = new(float64) + **out = **in + } + if in.PoolWeights != nil { + in, out := &in.PoolWeights, &out.PoolWeights + *out = make(map[string]*float64, len(*in)) + for key, val := range *in { + var outVal *float64 + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(float64) + **out = **in + } + (*out)[key] = outVal + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRandomSteeringObservation. @@ -1272,7 +2584,8 @@ func (in *OverridesRandomSteeringParameters) DeepCopyInto(out *OverridesRandomSt if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(float64) **out = **in } @@ -1291,9 +2604,56 @@ func (in *OverridesRandomSteeringParameters) DeepCopy() *OverridesRandomSteering return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverridesRegionPoolsInitParameters) DeepCopyInto(out *OverridesRegionPoolsInitParameters) { + *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRegionPoolsInitParameters. +func (in *OverridesRegionPoolsInitParameters) DeepCopy() *OverridesRegionPoolsInitParameters { + if in == nil { + return nil + } + out := new(OverridesRegionPoolsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesRegionPoolsObservation) DeepCopyInto(out *OverridesRegionPoolsObservation) { *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRegionPoolsObservation. @@ -1364,6 +2724,118 @@ func (in *Pool) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PoolInitParameters) DeepCopyInto(out *PoolInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.CheckRegions != nil { + in, out := &in.CheckRegions, &out.CheckRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Latitude != nil { + in, out := &in.Latitude, &out.Latitude + *out = new(float64) + **out = **in + } + if in.LoadShedding != nil { + in, out := &in.LoadShedding, &out.LoadShedding + *out = make([]LoadSheddingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Longitude != nil { + in, out := &in.Longitude, &out.Longitude + *out = new(float64) + **out = **in + } + if in.MinimumOrigins != nil { + in, out := &in.MinimumOrigins, &out.MinimumOrigins + *out = new(float64) + **out = **in + } + if in.Monitor != nil { + in, out := &in.Monitor, &out.Monitor + *out = new(string) + **out = **in + } + if in.MonitorRef != nil { + in, out := &in.MonitorRef, &out.MonitorRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.MonitorSelector != nil { + in, out := &in.MonitorSelector, &out.MonitorSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NotificationEmail != nil { + in, out := &in.NotificationEmail, &out.NotificationEmail + *out = new(string) + **out = **in + } + if in.OriginSteering != nil { + in, out := &in.OriginSteering, &out.OriginSteering + *out = make([]OriginSteeringInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Origins != nil { + in, out := &in.Origins, &out.Origins + *out = make([]OriginsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolInitParameters. +func (in *PoolInitParameters) DeepCopy() *PoolInitParameters { + if in == nil { + return nil + } + out := new(PoolInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PoolList) DeepCopyInto(out *PoolList) { *out = *in @@ -1399,21 +2871,98 @@ func (in *PoolList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PoolObservation) DeepCopyInto(out *PoolObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.CheckRegions != nil { + in, out := &in.CheckRegions, &out.CheckRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } if in.CreatedOn != nil { in, out := &in.CreatedOn, &out.CreatedOn *out = new(string) **out = **in } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Latitude != nil { + in, out := &in.Latitude, &out.Latitude + *out = new(float64) + **out = **in + } + if in.LoadShedding != nil { + in, out := &in.LoadShedding, &out.LoadShedding + *out = make([]LoadSheddingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Longitude != nil { + in, out := &in.Longitude, &out.Longitude + *out = new(float64) + **out = **in + } + if in.MinimumOrigins != nil { + in, out := &in.MinimumOrigins, &out.MinimumOrigins + *out = new(float64) + **out = **in + } if in.ModifiedOn != nil { in, out := &in.ModifiedOn, &out.ModifiedOn *out = new(string) **out = **in } + if in.Monitor != nil { + in, out := &in.Monitor, &out.Monitor + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NotificationEmail != nil { + in, out := &in.NotificationEmail, &out.NotificationEmail + *out = new(string) + **out = **in + } + if in.OriginSteering != nil { + in, out := &in.OriginSteering, &out.OriginSteering + *out = make([]OriginSteeringObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Origins != nil { + in, out := &in.Origins, &out.Origins + *out = make([]OriginsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolObservation. @@ -1543,6 +3092,7 @@ func (in *PoolSpec) DeepCopyInto(out *PoolSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolSpec. @@ -1572,9 +3122,68 @@ func (in *PoolStatus) DeepCopy() *PoolStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PopPoolsInitParameters) DeepCopyInto(out *PopPoolsInitParameters) { + *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PoolIdsRefs != nil { + in, out := &in.PoolIdsRefs, &out.PoolIdsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PoolIdsSelector != nil { + in, out := &in.PoolIdsSelector, &out.PoolIdsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Pop != nil { + in, out := &in.Pop, &out.Pop + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PopPoolsInitParameters. +func (in *PopPoolsInitParameters) DeepCopy() *PopPoolsInitParameters { + if in == nil { + return nil + } + out := new(PopPoolsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PopPoolsObservation) DeepCopyInto(out *PopPoolsObservation) { *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Pop != nil { + in, out := &in.Pop, &out.Pop + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PopPoolsObservation. @@ -1630,9 +3239,66 @@ func (in *PopPoolsParameters) DeepCopy() *PopPoolsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RandomSteeringInitParameters) DeepCopyInto(out *RandomSteeringInitParameters) { + *out = *in + if in.DefaultWeight != nil { + in, out := &in.DefaultWeight, &out.DefaultWeight + *out = new(float64) + **out = **in + } + if in.PoolWeights != nil { + in, out := &in.PoolWeights, &out.PoolWeights + *out = make(map[string]*float64, len(*in)) + for key, val := range *in { + var outVal *float64 + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(float64) + **out = **in + } + (*out)[key] = outVal + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RandomSteeringInitParameters. +func (in *RandomSteeringInitParameters) DeepCopy() *RandomSteeringInitParameters { + if in == nil { + return nil + } + out := new(RandomSteeringInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RandomSteeringObservation) DeepCopyInto(out *RandomSteeringObservation) { *out = *in + if in.DefaultWeight != nil { + in, out := &in.DefaultWeight, &out.DefaultWeight + *out = new(float64) + **out = **in + } + if in.PoolWeights != nil { + in, out := &in.PoolWeights, &out.PoolWeights + *out = make(map[string]*float64, len(*in)) + for key, val := range *in { + var outVal *float64 + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(float64) + **out = **in + } + (*out)[key] = outVal + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RandomSteeringObservation. @@ -1661,7 +3327,8 @@ func (in *RandomSteeringParameters) DeepCopyInto(out *RandomSteeringParameters) if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(float64) **out = **in } @@ -1680,9 +3347,68 @@ func (in *RandomSteeringParameters) DeepCopy() *RandomSteeringParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RegionPoolsInitParameters) DeepCopyInto(out *RegionPoolsInitParameters) { + *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PoolIdsRefs != nil { + in, out := &in.PoolIdsRefs, &out.PoolIdsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PoolIdsSelector != nil { + in, out := &in.PoolIdsSelector, &out.PoolIdsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegionPoolsInitParameters. +func (in *RegionPoolsInitParameters) DeepCopy() *RegionPoolsInitParameters { + if in == nil { + return nil + } + out := new(RegionPoolsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RegionPoolsObservation) DeepCopyInto(out *RegionPoolsObservation) { *out = *in + if in.PoolIds != nil { + in, out := &in.PoolIds, &out.PoolIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegionPoolsObservation. @@ -1738,9 +3464,102 @@ func (in *RegionPoolsParameters) DeepCopy() *RegionPoolsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesInitParameters) DeepCopyInto(out *RulesInitParameters) { + *out = *in + if in.Condition != nil { + in, out := &in.Condition, &out.Condition + *out = new(string) + **out = **in + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.FixedResponse != nil { + in, out := &in.FixedResponse, &out.FixedResponse + *out = make([]FixedResponseInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Overrides != nil { + in, out := &in.Overrides, &out.Overrides + *out = make([]OverridesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Terminates != nil { + in, out := &in.Terminates, &out.Terminates + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesInitParameters. +func (in *RulesInitParameters) DeepCopy() *RulesInitParameters { + if in == nil { + return nil + } + out := new(RulesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RulesObservation) DeepCopyInto(out *RulesObservation) { *out = *in + if in.Condition != nil { + in, out := &in.Condition, &out.Condition + *out = new(string) + **out = **in + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.FixedResponse != nil { + in, out := &in.FixedResponse, &out.FixedResponse + *out = make([]FixedResponseObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Overrides != nil { + in, out := &in.Overrides, &out.Overrides + *out = make([]OverridesObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Terminates != nil { + in, out := &in.Terminates, &out.Terminates + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesObservation. diff --git a/apis/loadbalancer/v1alpha1/zz_generated.managed.go b/apis/loadbalancer/v1alpha1/zz_generated.managed.go index 909c4e1..795bbf9 100644 --- a/apis/loadbalancer/v1alpha1/zz_generated.managed.go +++ b/apis/loadbalancer/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *LoadBalancer) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this LoadBalancer. +func (mg *LoadBalancer) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this LoadBalancer. func (mg *LoadBalancer) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this LoadBalancer. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *LoadBalancer) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this LoadBalancer. func (mg *LoadBalancer) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *LoadBalancer) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this LoadBalancer. +func (mg *LoadBalancer) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this LoadBalancer. func (mg *LoadBalancer) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this LoadBalancer. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *LoadBalancer) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this LoadBalancer. func (mg *LoadBalancer) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Monitor) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Monitor. +func (mg *Monitor) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Monitor. func (mg *Monitor) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Monitor. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Monitor) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Monitor. func (mg *Monitor) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Monitor) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Monitor. +func (mg *Monitor) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Monitor. func (mg *Monitor) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Monitor. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Monitor) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Monitor. func (mg *Monitor) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Pool) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Pool. +func (mg *Pool) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Pool. func (mg *Pool) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Pool. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Pool) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Pool. func (mg *Pool) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Pool) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Pool. +func (mg *Pool) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Pool. func (mg *Pool) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Pool. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Pool) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Pool. func (mg *Pool) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/loadbalancer/v1alpha1/zz_generated.resolvers.go b/apis/loadbalancer/v1alpha1/zz_generated.resolvers.go index d1864b7..4acc0a3 100644 --- a/apis/loadbalancer/v1alpha1/zz_generated.resolvers.go +++ b/apis/loadbalancer/v1alpha1/zz_generated.resolvers.go @@ -124,6 +124,108 @@ func (mg *LoadBalancer) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + for i3 := 0; i3 < len(mg.Spec.InitProvider.CountryPools); i3++ { + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.CountryPools[i3].PoolIds), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.CountryPools[i3].PoolIdsRefs, + Selector: mg.Spec.InitProvider.CountryPools[i3].PoolIdsSelector, + To: reference.To{ + List: &PoolList{}, + Managed: &Pool{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.CountryPools[i3].PoolIds") + } + mg.Spec.InitProvider.CountryPools[i3].PoolIds = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.CountryPools[i3].PoolIdsRefs = mrsp.ResolvedReferences + + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.DefaultPoolIds), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.DefaultPoolIdsRefs, + Selector: mg.Spec.InitProvider.DefaultPoolIdsSelector, + To: reference.To{ + List: &PoolList{}, + Managed: &Pool{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.DefaultPoolIds") + } + mg.Spec.InitProvider.DefaultPoolIds = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.DefaultPoolIdsRefs = mrsp.ResolvedReferences + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.FallbackPoolID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.FallbackPoolIDRef, + Selector: mg.Spec.InitProvider.FallbackPoolIDSelector, + To: reference.To{ + List: &PoolList{}, + Managed: &Pool{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.FallbackPoolID") + } + mg.Spec.InitProvider.FallbackPoolID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.FallbackPoolIDRef = rsp.ResolvedReference + + for i3 := 0; i3 < len(mg.Spec.InitProvider.PopPools); i3++ { + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.PopPools[i3].PoolIds), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.PopPools[i3].PoolIdsRefs, + Selector: mg.Spec.InitProvider.PopPools[i3].PoolIdsSelector, + To: reference.To{ + List: &PoolList{}, + Managed: &Pool{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.PopPools[i3].PoolIds") + } + mg.Spec.InitProvider.PopPools[i3].PoolIds = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.PopPools[i3].PoolIdsRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.RegionPools); i3++ { + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.RegionPools[i3].PoolIds), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.RegionPools[i3].PoolIdsRefs, + Selector: mg.Spec.InitProvider.RegionPools[i3].PoolIdsSelector, + To: reference.To{ + List: &PoolList{}, + Managed: &Pool{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.RegionPools[i3].PoolIds") + } + mg.Spec.InitProvider.RegionPools[i3].PoolIds = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.RegionPools[i3].PoolIdsRefs = mrsp.ResolvedReferences + + } + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -150,6 +252,22 @@ func (mg *Monitor) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -192,5 +310,37 @@ func (mg *Pool) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.Monitor = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.MonitorRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.Monitor), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.MonitorRef, + Selector: mg.Spec.InitProvider.MonitorSelector, + To: reference.To{ + List: &MonitorList{}, + Managed: &Monitor{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Monitor") + } + mg.Spec.InitProvider.Monitor = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.MonitorRef = rsp.ResolvedReference + return nil } diff --git a/apis/loadbalancer/v1alpha1/zz_generated_terraformed.go b/apis/loadbalancer/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 6157ea2..0000000 --- a/apis/loadbalancer/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,236 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this LoadBalancer -func (mg *LoadBalancer) GetTerraformResourceType() string { - return "cloudflare_load_balancer" -} - -// GetConnectionDetailsMapping for this LoadBalancer -func (tr *LoadBalancer) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this LoadBalancer -func (tr *LoadBalancer) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this LoadBalancer -func (tr *LoadBalancer) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this LoadBalancer -func (tr *LoadBalancer) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this LoadBalancer -func (tr *LoadBalancer) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this LoadBalancer -func (tr *LoadBalancer) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this LoadBalancer using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *LoadBalancer) LateInitialize(attrs []byte) (bool, error) { - params := &LoadBalancerParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *LoadBalancer) GetTerraformSchemaVersion() int { - return 1 -} - -// GetTerraformResourceType returns Terraform resource type for this Monitor -func (mg *Monitor) GetTerraformResourceType() string { - return "cloudflare_load_balancer_monitor" -} - -// GetConnectionDetailsMapping for this Monitor -func (tr *Monitor) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Monitor -func (tr *Monitor) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Monitor -func (tr *Monitor) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Monitor -func (tr *Monitor) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Monitor -func (tr *Monitor) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Monitor -func (tr *Monitor) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Monitor using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Monitor) LateInitialize(attrs []byte) (bool, error) { - params := &MonitorParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Monitor) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Pool -func (mg *Pool) GetTerraformResourceType() string { - return "cloudflare_load_balancer_pool" -} - -// GetConnectionDetailsMapping for this Pool -func (tr *Pool) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Pool -func (tr *Pool) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Pool -func (tr *Pool) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Pool -func (tr *Pool) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Pool -func (tr *Pool) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Pool -func (tr *Pool) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Pool using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Pool) LateInitialize(attrs []byte) (bool, error) { - params := &PoolParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Pool) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/loadbalancer/v1alpha1/zz_groupversion_info.go b/apis/loadbalancer/v1alpha1/zz_groupversion_info.go index 351784c..e53e39b 100755 --- a/apis/loadbalancer/v1alpha1/zz_groupversion_info.go +++ b/apis/loadbalancer/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/loadbalancer/v1alpha1/zz_loadbalancer_terraformed.go b/apis/loadbalancer/v1alpha1/zz_loadbalancer_terraformed.go new file mode 100755 index 0000000..c145677 --- /dev/null +++ b/apis/loadbalancer/v1alpha1/zz_loadbalancer_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this LoadBalancer +func (mg *LoadBalancer) GetTerraformResourceType() string { + return "cloudflare_load_balancer" +} + +// GetConnectionDetailsMapping for this LoadBalancer +func (tr *LoadBalancer) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this LoadBalancer +func (tr *LoadBalancer) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this LoadBalancer +func (tr *LoadBalancer) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this LoadBalancer +func (tr *LoadBalancer) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this LoadBalancer +func (tr *LoadBalancer) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this LoadBalancer +func (tr *LoadBalancer) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this LoadBalancer +func (tr *LoadBalancer) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this LoadBalancer +func (tr *LoadBalancer) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this LoadBalancer using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *LoadBalancer) LateInitialize(attrs []byte) (bool, error) { + params := &LoadBalancerParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *LoadBalancer) GetTerraformSchemaVersion() int { + return 1 +} diff --git a/apis/loadbalancer/v1alpha1/zz_loadbalancer_types.go b/apis/loadbalancer/v1alpha1/zz_loadbalancer_types.go index e863875..a0c56d6 100755 --- a/apis/loadbalancer/v1alpha1/zz_loadbalancer_types.go +++ b/apis/loadbalancer/v1alpha1/zz_loadbalancer_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,25 +17,67 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AdaptiveRoutingInitParameters struct { + + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + // Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. + FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` +} + type AdaptiveRoutingObservation struct { + + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + // Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. + FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` } type AdaptiveRoutingParameters struct { + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. // Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. // +kubebuilder:validation:Optional FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` } +type CountryPoolsInitParameters struct { + + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + // A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. + Country *string `json:"country,omitempty" tf:"country,omitempty"` + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use in the given country. + // +crossplane:generate:reference:type=Pool + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // References to Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsRefs []v1.Reference `json:"poolIdsRefs,omitempty" tf:"-"` + + // Selector for a list of Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` +} + type CountryPoolsObservation struct { + + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + // A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. + Country *string `json:"country,omitempty" tf:"country,omitempty"` + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use in the given country. + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` } type CountryPoolsParameters struct { + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. // A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Country *string `json:"country" tf:"country,omitempty"` + // (List of String) A list of pool IDs in failover priority to use in the given country. // A list of pool IDs in failover priority to use in the given country. // +crossplane:generate:reference:type=Pool // +kubebuilder:validation:Optional @@ -46,49 +92,278 @@ type CountryPoolsParameters struct { PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` } +type FixedResponseInitParameters struct { + + // type header for this fixed response. + // The value of the HTTP context-type header for this fixed response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (String) The value of the HTTP location header for this fixed response. + // The value of the HTTP location header for this fixed response. + Location *string `json:"location,omitempty" tf:"location,omitempty"` + + // (String) The text used as the html body for this fixed response. + // The text used as the html body for this fixed response. + MessageBody *string `json:"messageBody,omitempty" tf:"message_body,omitempty"` + + // (Number) The HTTP status code used for this fixed response. + // The HTTP status code used for this fixed response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` +} + type FixedResponseObservation struct { + + // type header for this fixed response. + // The value of the HTTP context-type header for this fixed response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (String) The value of the HTTP location header for this fixed response. + // The value of the HTTP location header for this fixed response. + Location *string `json:"location,omitempty" tf:"location,omitempty"` + + // (String) The text used as the html body for this fixed response. + // The text used as the html body for this fixed response. + MessageBody *string `json:"messageBody,omitempty" tf:"message_body,omitempty"` + + // (Number) The HTTP status code used for this fixed response. + // The HTTP status code used for this fixed response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` } type FixedResponseParameters struct { + // type header for this fixed response. // The value of the HTTP context-type header for this fixed response. // +kubebuilder:validation:Optional ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + // (String) The value of the HTTP location header for this fixed response. // The value of the HTTP location header for this fixed response. // +kubebuilder:validation:Optional Location *string `json:"location,omitempty" tf:"location,omitempty"` + // (String) The text used as the html body for this fixed response. // The text used as the html body for this fixed response. // +kubebuilder:validation:Optional MessageBody *string `json:"messageBody,omitempty" tf:"message_body,omitempty"` + // (Number) The HTTP status code used for this fixed response. // The HTTP status code used for this fixed response. // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` } +type LoadBalancerInitParameters struct { + + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + // Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. + AdaptiveRouting []AdaptiveRoutingInitParameters `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + // A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. + CountryPools []CountryPoolsInitParameters `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + + // (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + // A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. + // +crossplane:generate:reference:type=Pool + DefaultPoolIds []*string `json:"defaultPoolIds,omitempty" tf:"default_pool_ids,omitempty"` + + // References to Pool to populate defaultPoolIds. + // +kubebuilder:validation:Optional + DefaultPoolIdsRefs []v1.Reference `json:"defaultPoolIdsRefs,omitempty" tf:"-"` + + // Selector for a list of Pool to populate defaultPoolIds. + // +kubebuilder:validation:Optional + DefaultPoolIdsSelector *v1.Selector `json:"defaultPoolIdsSelector,omitempty" tf:"-"` + + // (String) Free text description. + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Enable or disable the load balancer. Defaults to true. + // Enable or disable the load balancer. Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The pool ID to use when all other pools are detected as unhealthy. + // The pool ID to use when all other pools are detected as unhealthy. + // +crossplane:generate:reference:type=Pool + FallbackPoolID *string `json:"fallbackPoolId,omitempty" tf:"fallback_pool_id,omitempty"` + + // Reference to a Pool to populate fallbackPoolId. + // +kubebuilder:validation:Optional + FallbackPoolIDRef *v1.Reference `json:"fallbackPoolIdRef,omitempty" tf:"-"` + + // Selector for a Pool to populate fallbackPoolId. + // +kubebuilder:validation:Optional + FallbackPoolIDSelector *v1.Selector `json:"fallbackPoolIdSelector,omitempty" tf:"-"` + + // based steering for non-proxied requests. (see below for nested schema) + // Controls location-based steering for non-proxied requests. + LocationStrategy []LocationStrategyInitParameters `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + // The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + // A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. + PopPools []PopPoolsInitParameters `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + + // (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + // Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. + Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + // Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. + RandomSteering []RandomSteeringInitParameters `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + // A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. + RegionPools []RegionPoolsInitParameters `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + + // (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + // A list of rules for this load balancer to execute. + Rules []RulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + // Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. + SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + + // (Map of String) See session_affinity_attributes. + // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). + // +mapType=granular + SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + // Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. + SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + // The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. + SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + // Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + + // (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + // The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type LoadBalancerObservation struct { + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + // Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. + AdaptiveRouting []AdaptiveRoutingObservation `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + // A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. + CountryPools []CountryPoolsObservation `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + + // (String) The RFC3339 timestamp of when the load balancer was created. // The RFC3339 timestamp of when the load balancer was created. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + // A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. + DefaultPoolIds []*string `json:"defaultPoolIds,omitempty" tf:"default_pool_ids,omitempty"` + + // (String) Free text description. + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Enable or disable the load balancer. Defaults to true. + // Enable or disable the load balancer. Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The pool ID to use when all other pools are detected as unhealthy. + // The pool ID to use when all other pools are detected as unhealthy. + FallbackPoolID *string `json:"fallbackPoolId,omitempty" tf:"fallback_pool_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // based steering for non-proxied requests. (see below for nested schema) + // Controls location-based steering for non-proxied requests. + LocationStrategy []LocationStrategyObservation `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + + // (String) The RFC3339 timestamp of when the load balancer was last modified. // The RFC3339 timestamp of when the load balancer was last modified. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + // The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + // A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. + PopPools []PopPoolsObservation `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + + // (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + // Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. + Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + // Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. + RandomSteering []RandomSteeringObservation `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + // A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. + RegionPools []RegionPoolsObservation `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + + // (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + // A list of rules for this load balancer to execute. + Rules []RulesObservation `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + // Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. + SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + + // (Map of String) See session_affinity_attributes. + // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). + // +mapType=granular + SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + // Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. + SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + // The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. + SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + // Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + + // (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + // The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type LoadBalancerParameters struct { + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) // Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. // +kubebuilder:validation:Optional AdaptiveRouting []AdaptiveRoutingParameters `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) // A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. // +kubebuilder:validation:Optional CountryPools []CountryPoolsParameters `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + // (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. // A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. // +crossplane:generate:reference:type=Pool // +kubebuilder:validation:Optional @@ -102,14 +377,17 @@ type LoadBalancerParameters struct { // +kubebuilder:validation:Optional DefaultPoolIdsSelector *v1.Selector `json:"defaultPoolIdsSelector,omitempty" tf:"-"` + // (String) Free text description. // Free text description. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Boolean) Enable or disable the load balancer. Defaults to true. // Enable or disable the load balancer. Defaults to `true`. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (String) The pool ID to use when all other pools are detected as unhealthy. // The pool ID to use when all other pools are detected as unhealthy. // +crossplane:generate:reference:type=Pool // +kubebuilder:validation:Optional @@ -123,54 +401,68 @@ type LoadBalancerParameters struct { // +kubebuilder:validation:Optional FallbackPoolIDSelector *v1.Selector `json:"fallbackPoolIdSelector,omitempty" tf:"-"` + // based steering for non-proxied requests. (see below for nested schema) // Controls location-based steering for non-proxied requests. // +kubebuilder:validation:Optional LocationStrategy []LocationStrategyParameters `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. // The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) // A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. // +kubebuilder:validation:Optional PopPools []PopPoolsParameters `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + // (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. // Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. // +kubebuilder:validation:Optional Proxied *bool `json:"proxied,omitempty" tf:"proxied,omitempty"` + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) // Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. // +kubebuilder:validation:Optional RandomSteering []RandomSteeringParameters `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) // A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. // +kubebuilder:validation:Optional RegionPools []RegionPoolsParameters `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + // (Block List) A list of rules for this load balancer to execute. (see below for nested schema) // A list of rules for this load balancer to execute. // +kubebuilder:validation:Optional Rules []RulesParameters `json:"rules,omitempty" tf:"rules,omitempty"` + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. // Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. // +kubebuilder:validation:Optional SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + // (Map of String) See session_affinity_attributes. // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). // +kubebuilder:validation:Optional + // +mapType=granular SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. // Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. // +kubebuilder:validation:Optional SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". // The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. // +kubebuilder:validation:Optional SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. // Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. // +kubebuilder:validation:Optional TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` + // (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. // The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -185,163 +477,456 @@ type LoadBalancerParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type LocationStrategyInitParameters struct { + + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + // Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + // Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. + PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` +} + type LocationStrategyObservation struct { + + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + // Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + // Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. + PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` } type LocationStrategyParameters struct { + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. // Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. // +kubebuilder:validation:Optional Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. // Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. // +kubebuilder:validation:Optional PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` } +type OverridesAdaptiveRoutingInitParameters struct { + + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + // See [`failover_across_pools`](#failover_across_pools). + FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` +} + type OverridesAdaptiveRoutingObservation struct { + + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + // See [`failover_across_pools`](#failover_across_pools). + FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` } type OverridesAdaptiveRoutingParameters struct { + // downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. // See [`failover_across_pools`](#failover_across_pools). // +kubebuilder:validation:Optional FailoverAcrossPools *bool `json:"failoverAcrossPools,omitempty" tf:"failover_across_pools,omitempty"` } +type OverridesCountryPoolsInitParameters struct { + + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + // See [`country`](#country). + Country *string `json:"country,omitempty" tf:"country,omitempty"` + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` +} + type OverridesCountryPoolsObservation struct { + + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + // See [`country`](#country). + Country *string `json:"country,omitempty" tf:"country,omitempty"` + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` } type OverridesCountryPoolsParameters struct { + // (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. // See [`country`](#country). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Country *string `json:"country" tf:"country,omitempty"` + // (List of String) A list of pool IDs in failover priority to use in the given country. // See [`pool_ids`](#pool_ids). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional PoolIds []*string `json:"poolIds" tf:"pool_ids,omitempty"` } +type OverridesInitParameters struct { + + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + // See [`adaptive_routing`](#adaptive_routing). + AdaptiveRouting []OverridesAdaptiveRoutingInitParameters `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + // See [`country_pools`](#country_pools). + CountryPools []OverridesCountryPoolsInitParameters `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + + // (List of String) See default_pool_ids. + // See [`default_pool_ids`](#default_pool_ids). + DefaultPools []*string `json:"defaultPools,omitempty" tf:"default_pools,omitempty"` + + // (String) See fallback_pool_id. + // See [`fallback_pool_id`](#fallback_pool_id). + FallbackPool *string `json:"fallbackPool,omitempty" tf:"fallback_pool,omitempty"` + + // based steering for non-proxied requests. (see below for nested schema) + // See [`location_strategy`](#location_strategy). + LocationStrategy []OverridesLocationStrategyInitParameters `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + // See [`pop_pools`](#pop_pools). + PopPools []OverridesPopPoolsInitParameters `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + // See [`random_steering`](#random_steering). + RandomSteering []OverridesRandomSteeringInitParameters `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + // See [`region_pools`](#region_pools). + RegionPools []OverridesRegionPoolsInitParameters `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + // See [`session_affinity`](#session_affinity). + SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + + // (Map of String) See session_affinity_attributes. + // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. + // +mapType=granular + SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + // See [`session_affinity_ttl`](#session_affinity_ttl). + SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + // See [`steering_policy`](#steering_policy). + SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + // See [`ttl`](#ttl). + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` +} + +type OverridesLocationStrategyInitParameters struct { + + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + // See [`mode`](#mode). + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + // See [`prefer_ecs`](#prefer_ecs). + PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` +} + type OverridesLocationStrategyObservation struct { + + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + // See [`mode`](#mode). + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + // See [`prefer_ecs`](#prefer_ecs). + PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` } type OverridesLocationStrategyParameters struct { + // (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. // See [`mode`](#mode). // +kubebuilder:validation:Optional Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. // See [`prefer_ecs`](#prefer_ecs). // +kubebuilder:validation:Optional PreferEcs *string `json:"preferEcs,omitempty" tf:"prefer_ecs,omitempty"` } type OverridesObservation struct { + + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + // See [`adaptive_routing`](#adaptive_routing). + AdaptiveRouting []OverridesAdaptiveRoutingObservation `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + // See [`country_pools`](#country_pools). + CountryPools []OverridesCountryPoolsObservation `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + + // (List of String) See default_pool_ids. + // See [`default_pool_ids`](#default_pool_ids). + DefaultPools []*string `json:"defaultPools,omitempty" tf:"default_pools,omitempty"` + + // (String) See fallback_pool_id. + // See [`fallback_pool_id`](#fallback_pool_id). + FallbackPool *string `json:"fallbackPool,omitempty" tf:"fallback_pool,omitempty"` + + // based steering for non-proxied requests. (see below for nested schema) + // See [`location_strategy`](#location_strategy). + LocationStrategy []OverridesLocationStrategyObservation `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + // See [`pop_pools`](#pop_pools). + PopPools []OverridesPopPoolsObservation `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + // See [`random_steering`](#random_steering). + RandomSteering []OverridesRandomSteeringObservation `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + // See [`region_pools`](#region_pools). + RegionPools []OverridesRegionPoolsObservation `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + // See [`session_affinity`](#session_affinity). + SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + + // (Map of String) See session_affinity_attributes. + // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. + // +mapType=granular + SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + // See [`session_affinity_ttl`](#session_affinity_ttl). + SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + // See [`steering_policy`](#steering_policy). + SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + // See [`ttl`](#ttl). + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` } type OverridesParameters struct { + // (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) // See [`adaptive_routing`](#adaptive_routing). // +kubebuilder:validation:Optional AdaptiveRouting []OverridesAdaptiveRoutingParameters `json:"adaptiveRouting,omitempty" tf:"adaptive_routing,omitempty"` + // (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) // See [`country_pools`](#country_pools). // +kubebuilder:validation:Optional CountryPools []OverridesCountryPoolsParameters `json:"countryPools,omitempty" tf:"country_pools,omitempty"` + // (List of String) See default_pool_ids. // See [`default_pool_ids`](#default_pool_ids). // +kubebuilder:validation:Optional DefaultPools []*string `json:"defaultPools,omitempty" tf:"default_pools,omitempty"` + // (String) See fallback_pool_id. // See [`fallback_pool_id`](#fallback_pool_id). // +kubebuilder:validation:Optional FallbackPool *string `json:"fallbackPool,omitempty" tf:"fallback_pool,omitempty"` + // based steering for non-proxied requests. (see below for nested schema) // See [`location_strategy`](#location_strategy). // +kubebuilder:validation:Optional LocationStrategy []OverridesLocationStrategyParameters `json:"locationStrategy,omitempty" tf:"location_strategy,omitempty"` + // of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) // See [`pop_pools`](#pop_pools). // +kubebuilder:validation:Optional PopPools []OverridesPopPoolsParameters `json:"popPools,omitempty" tf:"pop_pools,omitempty"` + // (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) // See [`random_steering`](#random_steering). // +kubebuilder:validation:Optional RandomSteering []OverridesRandomSteeringParameters `json:"randomSteering,omitempty" tf:"random_steering,omitempty"` + // (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) // See [`region_pools`](#region_pools). // +kubebuilder:validation:Optional RegionPools []OverridesRegionPoolsParameters `json:"regionPools,omitempty" tf:"region_pools,omitempty"` + // (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. // See [`session_affinity`](#session_affinity). // +kubebuilder:validation:Optional SessionAffinity *string `json:"sessionAffinity,omitempty" tf:"session_affinity,omitempty"` + // (Map of String) See session_affinity_attributes. // See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. // +kubebuilder:validation:Optional + // +mapType=granular SessionAffinityAttributes map[string]*string `json:"sessionAffinityAttributes,omitempty" tf:"session_affinity_attributes,omitempty"` + // (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. // See [`session_affinity_ttl`](#session_affinity_ttl). // +kubebuilder:validation:Optional SessionAffinityTTL *float64 `json:"sessionAffinityTtl,omitempty" tf:"session_affinity_ttl,omitempty"` + // proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". // See [`steering_policy`](#steering_policy). // +kubebuilder:validation:Optional SteeringPolicy *string `json:"steeringPolicy,omitempty" tf:"steering_policy,omitempty"` + // (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. // See [`ttl`](#ttl). // +kubebuilder:validation:Optional TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` } +type OverridesPopPoolsInitParameters struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + // See [`pop`](#pop). + Pop *string `json:"pop,omitempty" tf:"pop,omitempty"` +} + type OverridesPopPoolsObservation struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + // See [`pop`](#pop). + Pop *string `json:"pop,omitempty" tf:"pop,omitempty"` } type OverridesPopPoolsParameters struct { + // (List of String) A list of pool IDs in failover priority to use in the given country. // See [`pool_ids`](#pool_ids). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional PoolIds []*string `json:"poolIds" tf:"pool_ids,omitempty"` + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. // See [`pop`](#pop). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Pop *string `json:"pop" tf:"pop,omitempty"` } +type OverridesRandomSteeringInitParameters struct { + + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + // See [`default_weight`](#default_weight). + DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // See [`pool_weights`](#pool_weights). + // +mapType=granular + PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` +} + type OverridesRandomSteeringObservation struct { + + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + // See [`default_weight`](#default_weight). + DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // See [`pool_weights`](#pool_weights). + // +mapType=granular + PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` } type OverridesRandomSteeringParameters struct { + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. // See [`default_weight`](#default_weight). // +kubebuilder:validation:Optional DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. // See [`pool_weights`](#pool_weights). // +kubebuilder:validation:Optional + // +mapType=granular PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` } +type OverridesRegionPoolsInitParameters struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + // See [`region`](#region). + Region *string `json:"region,omitempty" tf:"region,omitempty"` +} + type OverridesRegionPoolsObservation struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // See [`pool_ids`](#pool_ids). + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + // See [`region`](#region). + Region *string `json:"region,omitempty" tf:"region,omitempty"` } type OverridesRegionPoolsParameters struct { + // (List of String) A list of pool IDs in failover priority to use in the given country. // See [`pool_ids`](#pool_ids). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional PoolIds []*string `json:"poolIds" tf:"pool_ids,omitempty"` + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. // See [`region`](#region). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Region *string `json:"region" tf:"region,omitempty"` } +type PopPoolsInitParameters struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use for traffic reaching the given PoP. + // +crossplane:generate:reference:type=Pool + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // References to Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsRefs []v1.Reference `json:"poolIdsRefs,omitempty" tf:"-"` + + // Selector for a list of Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` + + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + // A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. + Pop *string `json:"pop,omitempty" tf:"pop,omitempty"` +} + type PopPoolsObservation struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use for traffic reaching the given PoP. + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + // A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. + Pop *string `json:"pop,omitempty" tf:"pop,omitempty"` } type PopPoolsParameters struct { + // (List of String) A list of pool IDs in failover priority to use in the given country. // A list of pool IDs in failover priority to use for traffic reaching the given PoP. // +crossplane:generate:reference:type=Pool // +kubebuilder:validation:Optional @@ -355,30 +940,84 @@ type PopPoolsParameters struct { // +kubebuilder:validation:Optional PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` + // letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. // A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Pop *string `json:"pop" tf:"pop,omitempty"` } +type RandomSteeringInitParameters struct { + + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + // The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. + DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // +mapType=granular + PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` +} + type RandomSteeringObservation struct { + + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + // The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. + DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + // +mapType=granular + PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` } type RandomSteeringParameters struct { + // (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. // The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. // +kubebuilder:validation:Optional DefaultWeight *float64 `json:"defaultWeight,omitempty" tf:"default_weight,omitempty"` + // (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. // A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. // +kubebuilder:validation:Optional + // +mapType=granular PoolWeights map[string]*float64 `json:"poolWeights,omitempty" tf:"pool_weights,omitempty"` } +type RegionPoolsInitParameters struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use in the given region. + // +crossplane:generate:reference:type=Pool + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // References to Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsRefs []v1.Reference `json:"poolIdsRefs,omitempty" tf:"-"` + + // Selector for a list of Pool to populate poolIds. + // +kubebuilder:validation:Optional + PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` + + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + // A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. + Region *string `json:"region,omitempty" tf:"region,omitempty"` +} + type RegionPoolsObservation struct { + + // (List of String) A list of pool IDs in failover priority to use in the given country. + // A list of pool IDs in failover priority to use in the given region. + PoolIds []*string `json:"poolIds,omitempty" tf:"pool_ids,omitempty"` + + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + // A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. + Region *string `json:"region,omitempty" tf:"region,omitempty"` } type RegionPoolsParameters struct { + // (List of String) A list of pool IDs in failover priority to use in the given country. // A list of pool IDs in failover priority to use in the given region. // +crossplane:generate:reference:type=Pool // +kubebuilder:validation:Optional @@ -392,40 +1031,107 @@ type RegionPoolsParameters struct { // +kubebuilder:validation:Optional PoolIdsSelector *v1.Selector `json:"poolIdsSelector,omitempty" tf:"-"` + // (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. // A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Region *string `json:"region" tf:"region,omitempty"` } +type RulesInitParameters struct { + + // (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + // The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). + Condition *string `json:"condition,omitempty" tf:"condition,omitempty"` + + // (Boolean) A disabled rule will not be executed. + // A disabled rule will not be executed. + Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + + // (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + // Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + FixedResponse []FixedResponseInitParameters `json:"fixedResponse,omitempty" tf:"fixed_response,omitempty"` + + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + // Human readable name for this rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + // The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + Overrides []OverridesInitParameters `json:"overrides,omitempty" tf:"overrides,omitempty"` + + // (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + // Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. + // Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. + Terminates *bool `json:"terminates,omitempty" tf:"terminates,omitempty"` +} + type RulesObservation struct { + + // (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + // The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). + Condition *string `json:"condition,omitempty" tf:"condition,omitempty"` + + // (Boolean) A disabled rule will not be executed. + // A disabled rule will not be executed. + Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + + // (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + // Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + FixedResponse []FixedResponseObservation `json:"fixedResponse,omitempty" tf:"fixed_response,omitempty"` + + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + // Human readable name for this rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + // The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + Overrides []OverridesObservation `json:"overrides,omitempty" tf:"overrides,omitempty"` + + // (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + // Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. + // Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. + Terminates *bool `json:"terminates,omitempty" tf:"terminates,omitempty"` } type RulesParameters struct { + // (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. // The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). // +kubebuilder:validation:Optional Condition *string `json:"condition,omitempty" tf:"condition,omitempty"` + // (Boolean) A disabled rule will not be executed. // A disabled rule will not be executed. // +kubebuilder:validation:Optional Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + // (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) // Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. // +kubebuilder:validation:Optional FixedResponse []FixedResponseParameters `json:"fixedResponse,omitempty" tf:"fixed_response,omitempty"` + // (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. // Human readable name for this rule. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) // The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. // +kubebuilder:validation:Optional Overrides []OverridesParameters `json:"overrides,omitempty" tf:"overrides,omitempty"` + // (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. // Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. // Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. // +kubebuilder:validation:Optional Terminates *bool `json:"terminates,omitempty" tf:"terminates,omitempty"` @@ -435,6 +1141,17 @@ type RulesParameters struct { type LoadBalancerSpec struct { v1.ResourceSpec `json:",inline"` ForProvider LoadBalancerParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider LoadBalancerInitParameters `json:"initProvider,omitempty"` } // LoadBalancerStatus defines the observed state of LoadBalancer. @@ -444,19 +1161,21 @@ type LoadBalancerStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// LoadBalancer is the Schema for the LoadBalancers API. +// LoadBalancer is the Schema for the LoadBalancers API. Provides a Cloudflare Load Balancer resource. This sits in front of a number of defined pools of origins and provides various options for geographically-aware load balancing. Note that the load balancing feature must be enabled in your Cloudflare account before you can use this resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type LoadBalancer struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec LoadBalancerSpec `json:"spec"` - Status LoadBalancerStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec LoadBalancerSpec `json:"spec"` + Status LoadBalancerStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/loadbalancer/v1alpha1/zz_monitor_terraformed.go b/apis/loadbalancer/v1alpha1/zz_monitor_terraformed.go new file mode 100755 index 0000000..a154900 --- /dev/null +++ b/apis/loadbalancer/v1alpha1/zz_monitor_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Monitor +func (mg *Monitor) GetTerraformResourceType() string { + return "cloudflare_load_balancer_monitor" +} + +// GetConnectionDetailsMapping for this Monitor +func (tr *Monitor) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Monitor +func (tr *Monitor) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Monitor +func (tr *Monitor) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Monitor +func (tr *Monitor) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Monitor +func (tr *Monitor) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Monitor +func (tr *Monitor) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Monitor +func (tr *Monitor) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Monitor +func (tr *Monitor) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Monitor using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Monitor) LateInitialize(attrs []byte) (bool, error) { + params := &MonitorParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Monitor) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/loadbalancer/v1alpha1/zz_monitor_types.go b/apis/loadbalancer/v1alpha1/zz_monitor_types.go index 44432aa..35bcc46 100755 --- a/apis/loadbalancer/v1alpha1/zz_monitor_types.go +++ b/apis/loadbalancer/v1alpha1/zz_monitor_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,28 +17,165 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type HeaderInitParameters struct { + + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // A list of string values for the header. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` +} + type HeaderObservation struct { + + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // A list of string values for the header. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` } type HeaderParameters struct { - // +kubebuilder:validation:Required + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". + // +kubebuilder:validation:Optional Header *string `json:"header" tf:"header,omitempty"` - // +kubebuilder:validation:Required + // A list of string values for the header. + // +kubebuilder:validation:Optional + // +listType=set Values []*string `json:"values" tf:"values,omitempty"` } +type MonitorInitParameters struct { + + // The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Do not validate the certificate when monitor use HTTPS. Only valid if type is "http" or "https". + AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if type is "http" or "https". Default: "". + ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + + // The expected HTTP response code or code range of the health check. Eg 2xx. Only valid and required if type is "http" or "https". + ExpectedCodes *string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + + // Follow redirects if returned by the origin. Only valid if type is "http" or "https". + FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". + Header []HeaderInitParameters `json:"header,omitempty" tf:"header,omitempty"` + + // The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. + // Defaults to `60`. + Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + + // The method to use for the health check. Valid values are any valid HTTP verb if type is "http" or "https", or connection_established if type is "tcp". Default: "GET" if type is "http" or "https", "connection_established" if type is "tcp", and empty otherwise. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // The endpoint path to health check against. Default: "/". Only valid if type is "http" or "https". + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // The port number to use for the healthcheck, required when creating a TCP monitor. Valid values are in the range 0-65535. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + // Assign this monitor to emulate the specified zone while probing. Only valid if type is "http" or "https". + ProbeZone *string `json:"probeZone,omitempty" tf:"probe_zone,omitempty"` + + // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. + // Defaults to `2`. + Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + + // The timeout (in seconds) before marking the health check as failed. Default: 5. + // Defaults to `5`. + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + + // The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". + // Defaults to `http`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type MonitorObservation struct { + + // The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Do not validate the certificate when monitor use HTTPS. Only valid if type is "http" or "https". + AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + + // The RFC3339 timestamp of when the load balancer monitor was created. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if type is "http" or "https". Default: "". + ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + + // The expected HTTP response code or code range of the health check. Eg 2xx. Only valid and required if type is "http" or "https". + ExpectedCodes *string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + + // Follow redirects if returned by the origin. Only valid if type is "http" or "https". + FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". + Header []HeaderObservation `json:"header,omitempty" tf:"header,omitempty"` + + // Load balancer monitor ID. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. + // Defaults to `60`. + Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + + // The method to use for the health check. Valid values are any valid HTTP verb if type is "http" or "https", or connection_established if type is "tcp". Default: "GET" if type is "http" or "https", "connection_established" if type is "tcp", and empty otherwise. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // The RFC3339 timestamp of when the load balancer monitor was last modified. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // The endpoint path to health check against. Default: "/". Only valid if type is "http" or "https". + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // The port number to use for the healthcheck, required when creating a TCP monitor. Valid values are in the range 0-65535. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + // Assign this monitor to emulate the specified zone while probing. Only valid if type is "http" or "https". + ProbeZone *string `json:"probeZone,omitempty" tf:"probe_zone,omitempty"` + + // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. + // Defaults to `2`. + Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + + // The timeout (in seconds) before marking the health check as failed. Default: 5. + // Defaults to `5`. + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + + // The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". + // Defaults to `http`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type MonitorParameters struct { + // The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -48,48 +189,62 @@ type MonitorParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Do not validate the certificate when monitor use HTTPS. Only valid if type is "http" or "https". // +kubebuilder:validation:Optional AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + // Free text description. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if type is "http" or "https". Default: "". // +kubebuilder:validation:Optional ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + // The expected HTTP response code or code range of the health check. Eg 2xx. Only valid and required if type is "http" or "https". // +kubebuilder:validation:Optional ExpectedCodes *string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + // Follow redirects if returned by the origin. Only valid if type is "http" or "https". // +kubebuilder:validation:Optional FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https". // +kubebuilder:validation:Optional Header []HeaderParameters `json:"header,omitempty" tf:"header,omitempty"` + // The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. // Defaults to `60`. // +kubebuilder:validation:Optional Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + // The method to use for the health check. Valid values are any valid HTTP verb if type is "http" or "https", or connection_established if type is "tcp". Default: "GET" if type is "http" or "https", "connection_established" if type is "tcp", and empty otherwise. // +kubebuilder:validation:Optional Method *string `json:"method,omitempty" tf:"method,omitempty"` + // The endpoint path to health check against. Default: "/". Only valid if type is "http" or "https". // +kubebuilder:validation:Optional Path *string `json:"path,omitempty" tf:"path,omitempty"` + // The port number to use for the healthcheck, required when creating a TCP monitor. Valid values are in the range 0-65535. // +kubebuilder:validation:Optional Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + // Assign this monitor to emulate the specified zone while probing. Only valid if type is "http" or "https". // +kubebuilder:validation:Optional ProbeZone *string `json:"probeZone,omitempty" tf:"probe_zone,omitempty"` + // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. // Defaults to `2`. // +kubebuilder:validation:Optional Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + // The timeout (in seconds) before marking the health check as failed. Default: 5. // Defaults to `5`. // +kubebuilder:validation:Optional Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + // The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". // Defaults to `http`. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` @@ -99,6 +254,17 @@ type MonitorParameters struct { type MonitorSpec struct { v1.ResourceSpec `json:",inline"` ForProvider MonitorParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider MonitorInitParameters `json:"initProvider,omitempty"` } // MonitorStatus defines the observed state of Monitor. @@ -108,13 +274,14 @@ type MonitorStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Monitor is the Schema for the Monitors API. +// Monitor is the Schema for the Monitors API. Provides a Cloudflare Load Balancer Monitor resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Monitor struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/loadbalancer/v1alpha1/zz_pool_terraformed.go b/apis/loadbalancer/v1alpha1/zz_pool_terraformed.go new file mode 100755 index 0000000..bff7ead --- /dev/null +++ b/apis/loadbalancer/v1alpha1/zz_pool_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Pool +func (mg *Pool) GetTerraformResourceType() string { + return "cloudflare_load_balancer_pool" +} + +// GetConnectionDetailsMapping for this Pool +func (tr *Pool) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Pool +func (tr *Pool) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Pool +func (tr *Pool) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Pool +func (tr *Pool) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Pool +func (tr *Pool) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Pool +func (tr *Pool) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Pool +func (tr *Pool) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Pool +func (tr *Pool) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Pool using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Pool) LateInitialize(attrs []byte) (bool, error) { + params := &PoolParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Pool) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/loadbalancer/v1alpha1/zz_pool_types.go b/apis/loadbalancer/v1alpha1/zz_pool_types.go index d8fb793..0d89946 100755 --- a/apis/loadbalancer/v1alpha1/zz_pool_types.go +++ b/apis/loadbalancer/v1alpha1/zz_pool_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,88 +17,323 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type LoadSheddingInitParameters struct { + + // Percent of traffic to shed 0 - 100. + // Percent of traffic to shed 0 - 100. Defaults to `0`. + DefaultPercent *float64 `json:"defaultPercent,omitempty" tf:"default_percent,omitempty"` + + // Method of shedding traffic "", "hash" or "random". + // Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. + DefaultPolicy *string `json:"defaultPolicy,omitempty" tf:"default_policy,omitempty"` + + // Percent of session traffic to shed 0 - 100. + // Percent of session traffic to shed 0 - 100. Defaults to `0`. + SessionPercent *float64 `json:"sessionPercent,omitempty" tf:"session_percent,omitempty"` + + // Method of shedding session traffic "" or "hash". + // Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. + SessionPolicy *string `json:"sessionPolicy,omitempty" tf:"session_policy,omitempty"` +} + type LoadSheddingObservation struct { + + // Percent of traffic to shed 0 - 100. + // Percent of traffic to shed 0 - 100. Defaults to `0`. + DefaultPercent *float64 `json:"defaultPercent,omitempty" tf:"default_percent,omitempty"` + + // Method of shedding traffic "", "hash" or "random". + // Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. + DefaultPolicy *string `json:"defaultPolicy,omitempty" tf:"default_policy,omitempty"` + + // Percent of session traffic to shed 0 - 100. + // Percent of session traffic to shed 0 - 100. Defaults to `0`. + SessionPercent *float64 `json:"sessionPercent,omitempty" tf:"session_percent,omitempty"` + + // Method of shedding session traffic "" or "hash". + // Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. + SessionPolicy *string `json:"sessionPolicy,omitempty" tf:"session_policy,omitempty"` } type LoadSheddingParameters struct { + // Percent of traffic to shed 0 - 100. // Percent of traffic to shed 0 - 100. Defaults to `0`. // +kubebuilder:validation:Optional DefaultPercent *float64 `json:"defaultPercent,omitempty" tf:"default_percent,omitempty"` + // Method of shedding traffic "", "hash" or "random". // Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. // +kubebuilder:validation:Optional DefaultPolicy *string `json:"defaultPolicy,omitempty" tf:"default_policy,omitempty"` + // Percent of session traffic to shed 0 - 100. // Percent of session traffic to shed 0 - 100. Defaults to `0`. // +kubebuilder:validation:Optional SessionPercent *float64 `json:"sessionPercent,omitempty" tf:"session_percent,omitempty"` + // Method of shedding session traffic "" or "hash". // Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. // +kubebuilder:validation:Optional SessionPolicy *string `json:"sessionPolicy,omitempty" tf:"session_policy,omitempty"` } +type OriginSteeringInitParameters struct { + + // Either "random" (default) or "hash". + // Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. + Policy *string `json:"policy,omitempty" tf:"policy,omitempty"` +} + type OriginSteeringObservation struct { + + // Either "random" (default) or "hash". + // Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. + Policy *string `json:"policy,omitempty" tf:"policy,omitempty"` } type OriginSteeringParameters struct { + // Either "random" (default) or "hash". // Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. // +kubebuilder:validation:Optional Policy *string `json:"policy,omitempty" tf:"policy,omitempty"` } +type OriginsHeaderInitParameters struct { + + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + // HTTP Header name. + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // A list of string values for the header. + // Values for the HTTP headers. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` +} + type OriginsHeaderObservation struct { + + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + // HTTP Header name. + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // A list of string values for the header. + // Values for the HTTP headers. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` } type OriginsHeaderParameters struct { + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. // HTTP Header name. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Header *string `json:"header" tf:"header,omitempty"` + // A list of string values for the header. // Values for the HTTP headers. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional + // +listType=set Values []*string `json:"values" tf:"values,omitempty"` } +type OriginsInitParameters struct { + + // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. + // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + // Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + // HTTP request headers. + Header []OriginsHeaderInitParameters `json:"header,omitempty" tf:"header,omitempty"` + + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + // A human-identifiable name for the origin. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. + // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` +} + type OriginsObservation struct { + + // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. + // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + // Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + // HTTP request headers. + Header []OriginsHeaderObservation `json:"header,omitempty" tf:"header,omitempty"` + + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + // A human-identifiable name for the origin. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. + // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` } type OriginsParameters struct { + // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. // The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Address *string `json:"address" tf:"address,omitempty"` + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). // Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. // HTTP request headers. // +kubebuilder:validation:Optional Header []OriginsHeaderParameters `json:"header,omitempty" tf:"header,omitempty"` + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. // A human-identifiable name for the origin. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. // The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. // +kubebuilder:validation:Optional Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` } +type PoolInitParameters struct { + + // The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here. + // +listType=set + CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + // Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The latitude this pool is physically located at; used for proximity steering. Values should be between -90 and 90. + Latitude *float64 `json:"latitude,omitempty" tf:"latitude,omitempty"` + + // Setting for controlling load shedding for this pool. + LoadShedding []LoadSheddingInitParameters `json:"loadShedding,omitempty" tf:"load_shedding,omitempty"` + + // The longitude this pool is physically located at; used for proximity steering. Values should be between -180 and 180. + Longitude *float64 `json:"longitude,omitempty" tf:"longitude,omitempty"` + + // The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. + // Defaults to `1`. + MinimumOrigins *float64 `json:"minimumOrigins,omitempty" tf:"minimum_origins,omitempty"` + + // The ID of the Monitor to use for health checking origins within this pool. + // +crossplane:generate:reference:type=Monitor + Monitor *string `json:"monitor,omitempty" tf:"monitor,omitempty"` + + // Reference to a Monitor to populate monitor. + // +kubebuilder:validation:Optional + MonitorRef *v1.Reference `json:"monitorRef,omitempty" tf:"-"` + + // Selector for a Monitor to populate monitor. + // +kubebuilder:validation:Optional + MonitorSelector *v1.Selector `json:"monitorSelector,omitempty" tf:"-"` + + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list. + NotificationEmail *string `json:"notificationEmail,omitempty" tf:"notification_email,omitempty"` + + // Set an origin steering policy to control origin selection within a pool. + OriginSteering []OriginSteeringInitParameters `json:"originSteering,omitempty" tf:"origin_steering,omitempty"` + + // The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It's a complex value. See description below. + Origins []OriginsInitParameters `json:"origins,omitempty" tf:"origins,omitempty"` +} + type PoolObservation struct { + + // The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here. + // +listType=set + CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + + // The RFC3339 timestamp of when the load balancer was created. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // Free text description. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + // Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // ID for this load balancer pool. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // The latitude this pool is physically located at; used for proximity steering. Values should be between -90 and 90. + Latitude *float64 `json:"latitude,omitempty" tf:"latitude,omitempty"` + + // Setting for controlling load shedding for this pool. + LoadShedding []LoadSheddingObservation `json:"loadShedding,omitempty" tf:"load_shedding,omitempty"` + + // The longitude this pool is physically located at; used for proximity steering. Values should be between -180 and 180. + Longitude *float64 `json:"longitude,omitempty" tf:"longitude,omitempty"` + + // The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. + // Defaults to `1`. + MinimumOrigins *float64 `json:"minimumOrigins,omitempty" tf:"minimum_origins,omitempty"` + + // The RFC3339 timestamp of when the load balancer was last modified. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // The ID of the Monitor to use for health checking origins within this pool. + Monitor *string `json:"monitor,omitempty" tf:"monitor,omitempty"` + + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list. + NotificationEmail *string `json:"notificationEmail,omitempty" tf:"notification_email,omitempty"` + + // Set an origin steering policy to control origin selection within a pool. + OriginSteering []OriginSteeringObservation `json:"originSteering,omitempty" tf:"origin_steering,omitempty"` + + // The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It's a complex value. See description below. + Origins []OriginsObservation `json:"origins,omitempty" tf:"origins,omitempty"` } type PoolParameters struct { + // The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -108,29 +347,38 @@ type PoolParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here. // +kubebuilder:validation:Optional + // +listType=set CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + // Free text description. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). // Defaults to `true`. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // The latitude this pool is physically located at; used for proximity steering. Values should be between -90 and 90. // +kubebuilder:validation:Optional Latitude *float64 `json:"latitude,omitempty" tf:"latitude,omitempty"` + // Setting for controlling load shedding for this pool. // +kubebuilder:validation:Optional LoadShedding []LoadSheddingParameters `json:"loadShedding,omitempty" tf:"load_shedding,omitempty"` + // The longitude this pool is physically located at; used for proximity steering. Values should be between -180 and 180. // +kubebuilder:validation:Optional Longitude *float64 `json:"longitude,omitempty" tf:"longitude,omitempty"` + // The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. // Defaults to `1`. // +kubebuilder:validation:Optional MinimumOrigins *float64 `json:"minimumOrigins,omitempty" tf:"minimum_origins,omitempty"` + // The ID of the Monitor to use for health checking origins within this pool. // +crossplane:generate:reference:type=Monitor // +kubebuilder:validation:Optional Monitor *string `json:"monitor,omitempty" tf:"monitor,omitempty"` @@ -143,23 +391,38 @@ type PoolParameters struct { // +kubebuilder:validation:Optional MonitorSelector *v1.Selector `json:"monitorSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list. // +kubebuilder:validation:Optional NotificationEmail *string `json:"notificationEmail,omitempty" tf:"notification_email,omitempty"` + // Set an origin steering policy to control origin selection within a pool. // +kubebuilder:validation:Optional OriginSteering []OriginSteeringParameters `json:"originSteering,omitempty" tf:"origin_steering,omitempty"` - // +kubebuilder:validation:Required - Origins []OriginsParameters `json:"origins" tf:"origins,omitempty"` + // The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It's a complex value. See description below. + // +kubebuilder:validation:Optional + Origins []OriginsParameters `json:"origins,omitempty" tf:"origins,omitempty"` } // PoolSpec defines the desired state of Pool type PoolSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PoolParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PoolInitParameters `json:"initProvider,omitempty"` } // PoolStatus defines the observed state of Pool. @@ -169,19 +432,22 @@ type PoolStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Pool is the Schema for the Pools API. +// Pool is the Schema for the Pools API. Provides a Cloudflare Load Balancer Pool resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Pool struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PoolSpec `json:"spec"` - Status PoolStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.origins) || (has(self.initProvider) && has(self.initProvider.origins))",message="spec.forProvider.origins is a required parameter" + Spec PoolSpec `json:"spec"` + Status PoolStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/logpush/v1alpha1/zz_generated.conversion_hubs.go b/apis/logpush/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..824bf18 --- /dev/null +++ b/apis/logpush/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Job) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *OwnershipChallenge) Hub() {} diff --git a/apis/logpush/v1alpha1/zz_generated.deepcopy.go b/apis/logpush/v1alpha1/zz_generated.deepcopy.go index a2f4b6d..2f20d42 100644 --- a/apis/logpush/v1alpha1/zz_generated.deepcopy.go +++ b/apis/logpush/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,96 @@ func (in *Job) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JobInitParameters) DeepCopyInto(out *JobInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Dataset != nil { + in, out := &in.Dataset, &out.Dataset + *out = new(string) + **out = **in + } + if in.DestinationConf != nil { + in, out := &in.DestinationConf, &out.DestinationConf + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filter != nil { + in, out := &in.Filter, &out.Filter + *out = new(string) + **out = **in + } + if in.Frequency != nil { + in, out := &in.Frequency, &out.Frequency + *out = new(string) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.LogpullOptions != nil { + in, out := &in.LogpullOptions, &out.LogpullOptions + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.OwnershipChallenge != nil { + in, out := &in.OwnershipChallenge, &out.OwnershipChallenge + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobInitParameters. +func (in *JobInitParameters) DeepCopy() *JobInitParameters { + if in == nil { + return nil + } + out := new(JobInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JobList) DeepCopyInto(out *JobList) { *out = *in @@ -76,11 +165,66 @@ func (in *JobList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JobObservation) DeepCopyInto(out *JobObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Dataset != nil { + in, out := &in.Dataset, &out.Dataset + *out = new(string) + **out = **in + } + if in.DestinationConf != nil { + in, out := &in.DestinationConf, &out.DestinationConf + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filter != nil { + in, out := &in.Filter, &out.Filter + *out = new(string) + **out = **in + } + if in.Frequency != nil { + in, out := &in.Frequency, &out.Frequency + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.LogpullOptions != nil { + in, out := &in.LogpullOptions, &out.LogpullOptions + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.OwnershipChallenge != nil { + in, out := &in.OwnershipChallenge, &out.OwnershipChallenge + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobObservation. @@ -188,6 +332,7 @@ func (in *JobSpec) DeepCopyInto(out *JobSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobSpec. @@ -244,6 +389,56 @@ func (in *OwnershipChallenge) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OwnershipChallengeInitParameters) DeepCopyInto(out *OwnershipChallengeInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.DestinationConf != nil { + in, out := &in.DestinationConf, &out.DestinationConf + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnershipChallengeInitParameters. +func (in *OwnershipChallengeInitParameters) DeepCopy() *OwnershipChallengeInitParameters { + if in == nil { + return nil + } + out := new(OwnershipChallengeInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OwnershipChallengeList) DeepCopyInto(out *OwnershipChallengeList) { *out = *in @@ -279,6 +474,16 @@ func (in *OwnershipChallengeList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OwnershipChallengeObservation) DeepCopyInto(out *OwnershipChallengeObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.DestinationConf != nil { + in, out := &in.DestinationConf, &out.DestinationConf + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -289,6 +494,11 @@ func (in *OwnershipChallengeObservation) DeepCopyInto(out *OwnershipChallengeObs *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnershipChallengeObservation. @@ -356,6 +566,7 @@ func (in *OwnershipChallengeSpec) DeepCopyInto(out *OwnershipChallengeSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnershipChallengeSpec. diff --git a/apis/logpush/v1alpha1/zz_generated.managed.go b/apis/logpush/v1alpha1/zz_generated.managed.go index a3c1bbe..af573a0 100644 --- a/apis/logpush/v1alpha1/zz_generated.managed.go +++ b/apis/logpush/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Job) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Job. +func (mg *Job) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Job. func (mg *Job) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Job. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Job) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Job. func (mg *Job) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Job) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Job. +func (mg *Job) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Job. func (mg *Job) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Job. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Job) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Job. func (mg *Job) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *OwnershipChallenge) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this OwnershipChallenge. +func (mg *OwnershipChallenge) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this OwnershipChallenge. func (mg *OwnershipChallenge) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this OwnershipChallenge. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *OwnershipChallenge) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this OwnershipChallenge. func (mg *OwnershipChallenge) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *OwnershipChallenge) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this OwnershipChallenge. +func (mg *OwnershipChallenge) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this OwnershipChallenge. func (mg *OwnershipChallenge) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this OwnershipChallenge. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *OwnershipChallenge) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this OwnershipChallenge. func (mg *OwnershipChallenge) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/logpush/v1alpha1/zz_generated.resolvers.go b/apis/logpush/v1alpha1/zz_generated.resolvers.go index 8fcd191..5240692 100644 --- a/apis/logpush/v1alpha1/zz_generated.resolvers.go +++ b/apis/logpush/v1alpha1/zz_generated.resolvers.go @@ -53,6 +53,38 @@ func (mg *Job) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -95,5 +127,37 @@ func (mg *OwnershipChallenge) ResolveReferences(ctx context.Context, c client.Re mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/logpush/v1alpha1/zz_groupversion_info.go b/apis/logpush/v1alpha1/zz_groupversion_info.go index dacceb0..5ba63b4 100755 --- a/apis/logpush/v1alpha1/zz_groupversion_info.go +++ b/apis/logpush/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/logpush/v1alpha1/zz_job_terraformed.go b/apis/logpush/v1alpha1/zz_job_terraformed.go new file mode 100755 index 0000000..7bec911 --- /dev/null +++ b/apis/logpush/v1alpha1/zz_job_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Job +func (mg *Job) GetTerraformResourceType() string { + return "cloudflare_logpush_job" +} + +// GetConnectionDetailsMapping for this Job +func (tr *Job) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Job +func (tr *Job) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Job +func (tr *Job) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Job +func (tr *Job) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Job +func (tr *Job) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Job +func (tr *Job) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Job +func (tr *Job) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Job +func (tr *Job) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Job using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Job) LateInitialize(attrs []byte) (bool, error) { + params := &JobParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Job) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/logpush/v1alpha1/zz_job_types.go b/apis/logpush/v1alpha1/zz_job_types.go index a58048a..e93716d 100755 --- a/apis/logpush/v1alpha1/zz_job_types.go +++ b/apis/logpush/v1alpha1/zz_job_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,124 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type JobInitParameters struct { + + // (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. + Dataset *string `json:"dataset,omitempty" tf:"dataset,omitempty"` + + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + + // (Boolean) Whether to enable the job. + // Whether to enable the job. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + // Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). + Filter *string `json:"filter,omitempty" tf:"filter,omitempty"` + + // (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. + // A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. + Frequency *string `json:"frequency,omitempty" tf:"frequency,omitempty"` + + // logs, "". + // The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + // Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). + LogpullOptions *string `json:"logpullOptions,omitempty" tf:"logpull_options,omitempty"` + + // (String) The name of the logpush job to create. + // The name of the logpush job to create. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + // Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). + OwnershipChallenge *string `json:"ownershipChallenge,omitempty" tf:"ownership_challenge,omitempty"` + + // (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type JobObservation struct { + + // (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. + Dataset *string `json:"dataset,omitempty" tf:"dataset,omitempty"` + + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + + // (Boolean) Whether to enable the job. + // Whether to enable the job. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + // Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). + Filter *string `json:"filter,omitempty" tf:"filter,omitempty"` + + // (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. + // A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. + Frequency *string `json:"frequency,omitempty" tf:"frequency,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // logs, "". + // The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + // Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). + LogpullOptions *string `json:"logpullOptions,omitempty" tf:"logpull_options,omitempty"` + + // (String) The name of the logpush job to create. + // The name of the logpush job to create. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + // Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). + OwnershipChallenge *string `json:"ownershipChallenge,omitempty" tf:"ownership_challenge,omitempty"` + + // (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type JobParameters struct { + // (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,42 +148,52 @@ type JobParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. - // +kubebuilder:validation:Required - Dataset *string `json:"dataset" tf:"dataset,omitempty"` + // +kubebuilder:validation:Optional + Dataset *string `json:"dataset,omitempty" tf:"dataset,omitempty"` + // (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). - // +kubebuilder:validation:Required - DestinationConf *string `json:"destinationConf" tf:"destination_conf,omitempty"` + // +kubebuilder:validation:Optional + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + // (Boolean) Whether to enable the job. // Whether to enable the job. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. // Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). // +kubebuilder:validation:Optional Filter *string `json:"filter,omitempty" tf:"filter,omitempty"` + // (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. // A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. // +kubebuilder:validation:Optional Frequency *string `json:"frequency,omitempty" tf:"frequency,omitempty"` + // logs, "". // The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. // +kubebuilder:validation:Optional Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + // (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. // Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). // +kubebuilder:validation:Optional LogpullOptions *string `json:"logpullOptions,omitempty" tf:"logpull_options,omitempty"` + // (String) The name of the logpush job to create. // The name of the logpush job to create. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. // Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). // +kubebuilder:validation:Optional OwnershipChallenge *string `json:"ownershipChallenge,omitempty" tf:"ownership_challenge,omitempty"` + // (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -86,6 +212,17 @@ type JobParameters struct { type JobSpec struct { v1.ResourceSpec `json:",inline"` ForProvider JobParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider JobInitParameters `json:"initProvider,omitempty"` } // JobStatus defines the observed state of Job. @@ -95,19 +232,22 @@ type JobStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Job is the Schema for the Jobs API. +// Job is the Schema for the Jobs API. Provides a resource which manages Cloudflare Logpush jobs. For Logpush jobs pushing to Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic, this resource cannot be automatically created. In order to have this automated, you must have: cloudflare_logpush_ownership_challenge: Configured to generate the challenge to confirm ownership of the destination.cloudflare_logpush_job: Create and manage the Logpush Job itself. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Job struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec JobSpec `json:"spec"` - Status JobStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.dataset) || (has(self.initProvider) && has(self.initProvider.dataset))",message="spec.forProvider.dataset is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.destinationConf) || (has(self.initProvider) && has(self.initProvider.destinationConf))",message="spec.forProvider.destinationConf is a required parameter" + Spec JobSpec `json:"spec"` + Status JobStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/logpush/v1alpha1/zz_generated_terraformed.go b/apis/logpush/v1alpha1/zz_ownershipchallenge_terraformed.go similarity index 57% rename from apis/logpush/v1alpha1/zz_generated_terraformed.go rename to apis/logpush/v1alpha1/zz_ownershipchallenge_terraformed.go index 3f14304..9121a70 100755 --- a/apis/logpush/v1alpha1/zz_generated_terraformed.go +++ b/apis/logpush/v1alpha1/zz_ownershipchallenge_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,24 +11,25 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) -// GetTerraformResourceType returns Terraform resource type for this Job -func (mg *Job) GetTerraformResourceType() string { - return "cloudflare_logpush_job" +// GetTerraformResourceType returns Terraform resource type for this OwnershipChallenge +func (mg *OwnershipChallenge) GetTerraformResourceType() string { + return "cloudflare_logpush_ownership_challenge" } -// GetConnectionDetailsMapping for this Job -func (tr *Job) GetConnectionDetailsMapping() map[string]string { +// GetConnectionDetailsMapping for this OwnershipChallenge +func (tr *OwnershipChallenge) GetConnectionDetailsMapping() map[string]string { return nil } -// GetObservation of this Job -func (tr *Job) GetObservation() (map[string]any, error) { +// GetObservation of this OwnershipChallenge +func (tr *OwnershipChallenge) GetObservation() (map[string]any, error) { o, err := json.TFParser.Marshal(tr.Status.AtProvider) if err != nil { return nil, err @@ -33,8 +38,8 @@ func (tr *Job) GetObservation() (map[string]any, error) { return base, json.TFParser.Unmarshal(o, &base) } -// SetObservation for this Job -func (tr *Job) SetObservation(obs map[string]any) error { +// SetObservation for this OwnershipChallenge +func (tr *OwnershipChallenge) SetObservation(obs map[string]any) error { p, err := json.TFParser.Marshal(obs) if err != nil { return err @@ -42,16 +47,16 @@ func (tr *Job) SetObservation(obs map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) } -// GetID returns ID of underlying Terraform resource of this Job -func (tr *Job) GetID() string { +// GetID returns ID of underlying Terraform resource of this OwnershipChallenge +func (tr *OwnershipChallenge) GetID() string { if tr.Status.AtProvider.ID == nil { return "" } return *tr.Status.AtProvider.ID } -// GetParameters of this Job -func (tr *Job) GetParameters() (map[string]any, error) { +// GetParameters of this OwnershipChallenge +func (tr *OwnershipChallenge) GetParameters() (map[string]any, error) { p, err := json.TFParser.Marshal(tr.Spec.ForProvider) if err != nil { return nil, err @@ -60,8 +65,8 @@ func (tr *Job) GetParameters() (map[string]any, error) { return base, json.TFParser.Unmarshal(p, &base) } -// SetParameters for this Job -func (tr *Job) SetParameters(params map[string]any) error { +// SetParameters for this OwnershipChallenge +func (tr *OwnershipChallenge) SetParameters(params map[string]any) error { p, err := json.TFParser.Marshal(params) if err != nil { return err @@ -69,78 +74,44 @@ func (tr *Job) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this Job using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Job) LateInitialize(attrs []byte) (bool, error) { - params := &JobParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Job) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this OwnershipChallenge -func (mg *OwnershipChallenge) GetTerraformResourceType() string { - return "cloudflare_logpush_ownership_challenge" -} - -// GetConnectionDetailsMapping for this OwnershipChallenge -func (tr *OwnershipChallenge) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this OwnershipChallenge -func (tr *OwnershipChallenge) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this OwnershipChallenge +func (tr *OwnershipChallenge) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this OwnershipChallenge -func (tr *OwnershipChallenge) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this OwnershipChallenge +func (tr *OwnershipChallenge) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this OwnershipChallenge -func (tr *OwnershipChallenge) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this OwnershipChallenge -func (tr *OwnershipChallenge) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this OwnershipChallenge -func (tr *OwnershipChallenge) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } // LateInitialize this OwnershipChallenge using its observed tfState. diff --git a/apis/logpush/v1alpha1/zz_ownershipchallenge_types.go b/apis/logpush/v1alpha1/zz_ownershipchallenge_types.go index 6f9864e..3a1c03a 100755 --- a/apis/logpush/v1alpha1/zz_ownershipchallenge_types.go +++ b/apis/logpush/v1alpha1/zz_ownershipchallenge_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,14 +17,63 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type OwnershipChallengeInitParameters struct { + + // The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + // **Modifying this attribute will force creation of a new resource.** + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + + // The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type OwnershipChallengeObservation struct { + + // The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + // **Modifying this attribute will force creation of a new resource.** + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + // The filename of the ownership challenge which + // contains the contents required for Logpush Job creation. OwnershipChallengeFilename *string `json:"ownershipChallengeFilename,omitempty" tf:"ownership_challenge_filename,omitempty"` + + // The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type OwnershipChallengeParameters struct { + // The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. // The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -34,10 +87,12 @@ type OwnershipChallengeParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - DestinationConf *string `json:"destinationConf" tf:"destination_conf,omitempty"` + // +kubebuilder:validation:Optional + DestinationConf *string `json:"destinationConf,omitempty" tf:"destination_conf,omitempty"` + // The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. // The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -56,6 +111,17 @@ type OwnershipChallengeParameters struct { type OwnershipChallengeSpec struct { v1.ResourceSpec `json:",inline"` ForProvider OwnershipChallengeParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider OwnershipChallengeInitParameters `json:"initProvider,omitempty"` } // OwnershipChallengeStatus defines the observed state of OwnershipChallenge. @@ -65,19 +131,21 @@ type OwnershipChallengeStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// OwnershipChallenge is the Schema for the OwnershipChallenges API. +// OwnershipChallenge is the Schema for the OwnershipChallenges API. Provides a resource which manages Cloudflare Logpush ownership challenges to use in a Logpush Job. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type OwnershipChallenge struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec OwnershipChallengeSpec `json:"spec"` - Status OwnershipChallengeStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.destinationConf) || (has(self.initProvider) && has(self.initProvider.destinationConf))",message="spec.forProvider.destinationConf is a required parameter" + Spec OwnershipChallengeSpec `json:"spec"` + Status OwnershipChallengeStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/magic/v1alpha1/zz_firewallruleset_terraformed.go b/apis/magic/v1alpha1/zz_firewallruleset_terraformed.go new file mode 100755 index 0000000..f482039 --- /dev/null +++ b/apis/magic/v1alpha1/zz_firewallruleset_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this FirewallRuleset +func (mg *FirewallRuleset) GetTerraformResourceType() string { + return "cloudflare_magic_firewall_ruleset" +} + +// GetConnectionDetailsMapping for this FirewallRuleset +func (tr *FirewallRuleset) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this FirewallRuleset +func (tr *FirewallRuleset) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this FirewallRuleset +func (tr *FirewallRuleset) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this FirewallRuleset +func (tr *FirewallRuleset) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this FirewallRuleset +func (tr *FirewallRuleset) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this FirewallRuleset +func (tr *FirewallRuleset) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this FirewallRuleset +func (tr *FirewallRuleset) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this FirewallRuleset +func (tr *FirewallRuleset) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this FirewallRuleset using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *FirewallRuleset) LateInitialize(attrs []byte) (bool, error) { + params := &FirewallRulesetParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *FirewallRuleset) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/magic/v1alpha1/zz_firewallruleset_types.go b/apis/magic/v1alpha1/zz_firewallruleset_types.go index d018910..4fe5078 100755 --- a/apis/magic/v1alpha1/zz_firewallruleset_types.go +++ b/apis/magic/v1alpha1/zz_firewallruleset_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,52 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type FirewallRulesetInitParameters struct { + + // The ID of the account where the ruleset is being created. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // A note that can be used to annotate the ruleset. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The name of the ruleset. + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + Rules []map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` +} + type FirewallRulesetObservation struct { + + // The ID of the account where the ruleset is being created. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // A note that can be used to annotate the ruleset. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The name of the ruleset. + // **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + Rules []map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` } type FirewallRulesetParameters struct { + // The ID of the account where the ruleset is being created. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,12 +76,14 @@ type FirewallRulesetParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // A note that can be used to annotate the ruleset. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // The name of the ruleset. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` // +kubebuilder:validation:Optional Rules []map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` @@ -47,6 +93,17 @@ type FirewallRulesetParameters struct { type FirewallRulesetSpec struct { v1.ResourceSpec `json:",inline"` ForProvider FirewallRulesetParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider FirewallRulesetInitParameters `json:"initProvider,omitempty"` } // FirewallRulesetStatus defines the observed state of FirewallRuleset. @@ -56,19 +113,21 @@ type FirewallRulesetStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// FirewallRuleset is the Schema for the FirewallRulesets API. +// FirewallRuleset is the Schema for the FirewallRulesets API. Provides the ability to manage a Magic Firewall Ruleset and it's firewall rules which are used with Magic Transit. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type FirewallRuleset struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec FirewallRulesetSpec `json:"spec"` - Status FirewallRulesetStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec FirewallRulesetSpec `json:"spec"` + Status FirewallRulesetStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/magic/v1alpha1/zz_generated.conversion_hubs.go b/apis/magic/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..3adc532 --- /dev/null +++ b/apis/magic/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,23 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *GRETunnel) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *IPsecTunnel) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *FirewallRuleset) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *StaticRoute) Hub() {} diff --git a/apis/magic/v1alpha1/zz_generated.deepcopy.go b/apis/magic/v1alpha1/zz_generated.deepcopy.go index 876390c..bb609b9 100644 --- a/apis/magic/v1alpha1/zz_generated.deepcopy.go +++ b/apis/magic/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,68 @@ func (in *FirewallRuleset) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FirewallRulesetInitParameters) DeepCopyInto(out *FirewallRulesetInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]map[string]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FirewallRulesetInitParameters. +func (in *FirewallRulesetInitParameters) DeepCopy() *FirewallRulesetInitParameters { + if in == nil { + return nil + } + out := new(FirewallRulesetInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FirewallRulesetList) DeepCopyInto(out *FirewallRulesetList) { *out = *in @@ -76,11 +137,48 @@ func (in *FirewallRulesetList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FirewallRulesetObservation) DeepCopyInto(out *FirewallRulesetObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]map[string]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FirewallRulesetObservation. @@ -133,7 +231,8 @@ func (in *FirewallRulesetParameters) DeepCopyInto(out *FirewallRulesetParameters if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -159,6 +258,7 @@ func (in *FirewallRulesetSpec) DeepCopyInto(out *FirewallRulesetSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FirewallRulesetSpec. @@ -215,6 +315,86 @@ func (in *GRETunnel) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GRETunnelInitParameters) DeepCopyInto(out *GRETunnelInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.CloudflareGreEndpoint != nil { + in, out := &in.CloudflareGreEndpoint, &out.CloudflareGreEndpoint + *out = new(string) + **out = **in + } + if in.CustomerGreEndpoint != nil { + in, out := &in.CustomerGreEndpoint, &out.CustomerGreEndpoint + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.HealthCheckEnabled != nil { + in, out := &in.HealthCheckEnabled, &out.HealthCheckEnabled + *out = new(bool) + **out = **in + } + if in.HealthCheckTarget != nil { + in, out := &in.HealthCheckTarget, &out.HealthCheckTarget + *out = new(string) + **out = **in + } + if in.HealthCheckType != nil { + in, out := &in.HealthCheckType, &out.HealthCheckType + *out = new(string) + **out = **in + } + if in.InterfaceAddress != nil { + in, out := &in.InterfaceAddress, &out.InterfaceAddress + *out = new(string) + **out = **in + } + if in.Mtu != nil { + in, out := &in.Mtu, &out.Mtu + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GRETunnelInitParameters. +func (in *GRETunnelInitParameters) DeepCopy() *GRETunnelInitParameters { + if in == nil { + return nil + } + out := new(GRETunnelInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GRETunnelList) DeepCopyInto(out *GRETunnelList) { *out = *in @@ -250,11 +430,66 @@ func (in *GRETunnelList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GRETunnelObservation) DeepCopyInto(out *GRETunnelObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.CloudflareGreEndpoint != nil { + in, out := &in.CloudflareGreEndpoint, &out.CloudflareGreEndpoint + *out = new(string) + **out = **in + } + if in.CustomerGreEndpoint != nil { + in, out := &in.CustomerGreEndpoint, &out.CustomerGreEndpoint + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.HealthCheckEnabled != nil { + in, out := &in.HealthCheckEnabled, &out.HealthCheckEnabled + *out = new(bool) + **out = **in + } + if in.HealthCheckTarget != nil { + in, out := &in.HealthCheckTarget, &out.HealthCheckTarget + *out = new(string) + **out = **in + } + if in.HealthCheckType != nil { + in, out := &in.HealthCheckType, &out.HealthCheckType + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.InterfaceAddress != nil { + in, out := &in.InterfaceAddress, &out.InterfaceAddress + *out = new(string) + **out = **in + } + if in.Mtu != nil { + in, out := &in.Mtu, &out.Mtu + *out = new(float64) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GRETunnelObservation. @@ -352,6 +587,7 @@ func (in *GRETunnelSpec) DeepCopyInto(out *GRETunnelSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GRETunnelSpec. @@ -408,6 +644,101 @@ func (in *IPsecTunnel) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPsecTunnelInitParameters) DeepCopyInto(out *IPsecTunnelInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AllowNullCipher != nil { + in, out := &in.AllowNullCipher, &out.AllowNullCipher + *out = new(bool) + **out = **in + } + if in.CloudflareEndpoint != nil { + in, out := &in.CloudflareEndpoint, &out.CloudflareEndpoint + *out = new(string) + **out = **in + } + if in.CustomerEndpoint != nil { + in, out := &in.CustomerEndpoint, &out.CustomerEndpoint + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.FqdnID != nil { + in, out := &in.FqdnID, &out.FqdnID + *out = new(string) + **out = **in + } + if in.HealthCheckEnabled != nil { + in, out := &in.HealthCheckEnabled, &out.HealthCheckEnabled + *out = new(bool) + **out = **in + } + if in.HealthCheckTarget != nil { + in, out := &in.HealthCheckTarget, &out.HealthCheckTarget + *out = new(string) + **out = **in + } + if in.HealthCheckType != nil { + in, out := &in.HealthCheckType, &out.HealthCheckType + *out = new(string) + **out = **in + } + if in.HexID != nil { + in, out := &in.HexID, &out.HexID + *out = new(string) + **out = **in + } + if in.InterfaceAddress != nil { + in, out := &in.InterfaceAddress, &out.InterfaceAddress + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.RemoteID != nil { + in, out := &in.RemoteID, &out.RemoteID + *out = new(string) + **out = **in + } + if in.UserID != nil { + in, out := &in.UserID, &out.UserID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPsecTunnelInitParameters. +func (in *IPsecTunnelInitParameters) DeepCopy() *IPsecTunnelInitParameters { + if in == nil { + return nil + } + out := new(IPsecTunnelInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPsecTunnelList) DeepCopyInto(out *IPsecTunnelList) { *out = *in @@ -443,11 +774,81 @@ func (in *IPsecTunnelList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPsecTunnelObservation) DeepCopyInto(out *IPsecTunnelObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AllowNullCipher != nil { + in, out := &in.AllowNullCipher, &out.AllowNullCipher + *out = new(bool) + **out = **in + } + if in.CloudflareEndpoint != nil { + in, out := &in.CloudflareEndpoint, &out.CloudflareEndpoint + *out = new(string) + **out = **in + } + if in.CustomerEndpoint != nil { + in, out := &in.CustomerEndpoint, &out.CustomerEndpoint + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.FqdnID != nil { + in, out := &in.FqdnID, &out.FqdnID + *out = new(string) + **out = **in + } + if in.HealthCheckEnabled != nil { + in, out := &in.HealthCheckEnabled, &out.HealthCheckEnabled + *out = new(bool) + **out = **in + } + if in.HealthCheckTarget != nil { + in, out := &in.HealthCheckTarget, &out.HealthCheckTarget + *out = new(string) + **out = **in + } + if in.HealthCheckType != nil { + in, out := &in.HealthCheckType, &out.HealthCheckType + *out = new(string) + **out = **in + } + if in.HexID != nil { + in, out := &in.HexID, &out.HexID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.InterfaceAddress != nil { + in, out := &in.InterfaceAddress, &out.InterfaceAddress + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.RemoteID != nil { + in, out := &in.RemoteID, &out.RemoteID + *out = new(string) + **out = **in + } + if in.UserID != nil { + in, out := &in.UserID, &out.UserID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPsecTunnelObservation. @@ -565,6 +966,7 @@ func (in *IPsecTunnelSpec) DeepCopyInto(out *IPsecTunnelSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPsecTunnelSpec. @@ -621,6 +1023,83 @@ func (in *StaticRoute) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *StaticRouteInitParameters) DeepCopyInto(out *StaticRouteInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ColoNames != nil { + in, out := &in.ColoNames, &out.ColoNames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ColoRegions != nil { + in, out := &in.ColoRegions, &out.ColoRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Nexthop != nil { + in, out := &in.Nexthop, &out.Nexthop + *out = new(string) + **out = **in + } + if in.Prefix != nil { + in, out := &in.Prefix, &out.Prefix + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticRouteInitParameters. +func (in *StaticRouteInitParameters) DeepCopy() *StaticRouteInitParameters { + if in == nil { + return nil + } + out := new(StaticRouteInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StaticRouteList) DeepCopyInto(out *StaticRouteList) { *out = *in @@ -656,11 +1135,63 @@ func (in *StaticRouteList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StaticRouteObservation) DeepCopyInto(out *StaticRouteObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.ColoNames != nil { + in, out := &in.ColoNames, &out.ColoNames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ColoRegions != nil { + in, out := &in.ColoRegions, &out.ColoRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Nexthop != nil { + in, out := &in.Nexthop, &out.Nexthop + *out = new(string) + **out = **in + } + if in.Prefix != nil { + in, out := &in.Prefix, &out.Prefix + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticRouteObservation. @@ -755,6 +1286,7 @@ func (in *StaticRouteSpec) DeepCopyInto(out *StaticRouteSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticRouteSpec. diff --git a/apis/magic/v1alpha1/zz_generated.managed.go b/apis/magic/v1alpha1/zz_generated.managed.go index b88b8ab..1496281 100644 --- a/apis/magic/v1alpha1/zz_generated.managed.go +++ b/apis/magic/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *FirewallRuleset) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this FirewallRuleset. +func (mg *FirewallRuleset) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this FirewallRuleset. func (mg *FirewallRuleset) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this FirewallRuleset. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *FirewallRuleset) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this FirewallRuleset. func (mg *FirewallRuleset) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *FirewallRuleset) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this FirewallRuleset. +func (mg *FirewallRuleset) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this FirewallRuleset. func (mg *FirewallRuleset) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this FirewallRuleset. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *FirewallRuleset) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this FirewallRuleset. func (mg *FirewallRuleset) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *GRETunnel) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this GRETunnel. +func (mg *GRETunnel) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this GRETunnel. func (mg *GRETunnel) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this GRETunnel. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *GRETunnel) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this GRETunnel. func (mg *GRETunnel) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *GRETunnel) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this GRETunnel. +func (mg *GRETunnel) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this GRETunnel. func (mg *GRETunnel) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this GRETunnel. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *GRETunnel) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this GRETunnel. func (mg *GRETunnel) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *IPsecTunnel) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this IPsecTunnel. +func (mg *IPsecTunnel) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this IPsecTunnel. func (mg *IPsecTunnel) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this IPsecTunnel. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *IPsecTunnel) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this IPsecTunnel. func (mg *IPsecTunnel) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *IPsecTunnel) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this IPsecTunnel. +func (mg *IPsecTunnel) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this IPsecTunnel. func (mg *IPsecTunnel) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this IPsecTunnel. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *IPsecTunnel) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this IPsecTunnel. func (mg *IPsecTunnel) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *StaticRoute) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this StaticRoute. +func (mg *StaticRoute) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this StaticRoute. func (mg *StaticRoute) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this StaticRoute. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *StaticRoute) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this StaticRoute. func (mg *StaticRoute) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *StaticRoute) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this StaticRoute. +func (mg *StaticRoute) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this StaticRoute. func (mg *StaticRoute) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this StaticRoute. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *StaticRoute) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this StaticRoute. func (mg *StaticRoute) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/magic/v1alpha1/zz_generated.resolvers.go b/apis/magic/v1alpha1/zz_generated.resolvers.go index e515fb5..555bcea 100644 --- a/apis/magic/v1alpha1/zz_generated.resolvers.go +++ b/apis/magic/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *FirewallRuleset) ResolveReferences(ctx context.Context, c client.Reade mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -62,6 +78,22 @@ func (mg *GRETunnel) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -88,6 +120,22 @@ func (mg *IPsecTunnel) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -114,5 +162,21 @@ func (mg *StaticRoute) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/magic/v1alpha1/zz_generated_terraformed.go b/apis/magic/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 12929b4..0000000 --- a/apis/magic/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,310 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this GRETunnel -func (mg *GRETunnel) GetTerraformResourceType() string { - return "cloudflare_gre_tunnel" -} - -// GetConnectionDetailsMapping for this GRETunnel -func (tr *GRETunnel) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this GRETunnel -func (tr *GRETunnel) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this GRETunnel -func (tr *GRETunnel) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this GRETunnel -func (tr *GRETunnel) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this GRETunnel -func (tr *GRETunnel) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this GRETunnel -func (tr *GRETunnel) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this GRETunnel using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *GRETunnel) LateInitialize(attrs []byte) (bool, error) { - params := &GRETunnelParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *GRETunnel) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this IPsecTunnel -func (mg *IPsecTunnel) GetTerraformResourceType() string { - return "cloudflare_ipsec_tunnel" -} - -// GetConnectionDetailsMapping for this IPsecTunnel -func (tr *IPsecTunnel) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"psk": "spec.forProvider.pskSecretRef"} -} - -// GetObservation of this IPsecTunnel -func (tr *IPsecTunnel) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this IPsecTunnel -func (tr *IPsecTunnel) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this IPsecTunnel -func (tr *IPsecTunnel) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this IPsecTunnel -func (tr *IPsecTunnel) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this IPsecTunnel -func (tr *IPsecTunnel) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this IPsecTunnel using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *IPsecTunnel) LateInitialize(attrs []byte) (bool, error) { - params := &IPsecTunnelParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *IPsecTunnel) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this FirewallRuleset -func (mg *FirewallRuleset) GetTerraformResourceType() string { - return "cloudflare_magic_firewall_ruleset" -} - -// GetConnectionDetailsMapping for this FirewallRuleset -func (tr *FirewallRuleset) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this FirewallRuleset -func (tr *FirewallRuleset) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this FirewallRuleset -func (tr *FirewallRuleset) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this FirewallRuleset -func (tr *FirewallRuleset) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this FirewallRuleset -func (tr *FirewallRuleset) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this FirewallRuleset -func (tr *FirewallRuleset) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this FirewallRuleset using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *FirewallRuleset) LateInitialize(attrs []byte) (bool, error) { - params := &FirewallRulesetParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *FirewallRuleset) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this StaticRoute -func (mg *StaticRoute) GetTerraformResourceType() string { - return "cloudflare_static_route" -} - -// GetConnectionDetailsMapping for this StaticRoute -func (tr *StaticRoute) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this StaticRoute -func (tr *StaticRoute) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this StaticRoute -func (tr *StaticRoute) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this StaticRoute -func (tr *StaticRoute) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this StaticRoute -func (tr *StaticRoute) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this StaticRoute -func (tr *StaticRoute) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this StaticRoute using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *StaticRoute) LateInitialize(attrs []byte) (bool, error) { - params := &StaticRouteParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *StaticRoute) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/magic/v1alpha1/zz_gretunnel_terraformed.go b/apis/magic/v1alpha1/zz_gretunnel_terraformed.go new file mode 100755 index 0000000..21e2644 --- /dev/null +++ b/apis/magic/v1alpha1/zz_gretunnel_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this GRETunnel +func (mg *GRETunnel) GetTerraformResourceType() string { + return "cloudflare_gre_tunnel" +} + +// GetConnectionDetailsMapping for this GRETunnel +func (tr *GRETunnel) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this GRETunnel +func (tr *GRETunnel) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this GRETunnel +func (tr *GRETunnel) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this GRETunnel +func (tr *GRETunnel) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this GRETunnel +func (tr *GRETunnel) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this GRETunnel +func (tr *GRETunnel) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this GRETunnel +func (tr *GRETunnel) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this GRETunnel +func (tr *GRETunnel) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this GRETunnel using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *GRETunnel) LateInitialize(attrs []byte) (bool, error) { + params := &GRETunnelParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *GRETunnel) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/magic/v1alpha1/zz_gretunnel_types.go b/apis/magic/v1alpha1/zz_gretunnel_types.go index e620287..4f2cefe 100755 --- a/apis/magic/v1alpha1/zz_gretunnel_types.go +++ b/apis/magic/v1alpha1/zz_gretunnel_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,94 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type GRETunnelInitParameters struct { + + // The ID of the account where the tunnel is being created. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The IP address assigned to the Cloudflare side of the GRE tunnel. + CloudflareGreEndpoint *string `json:"cloudflareGreEndpoint,omitempty" tf:"cloudflare_gre_endpoint,omitempty"` + + // The IP address assigned to the customer side of the GRE tunnel. + CustomerGreEndpoint *string `json:"customerGreEndpoint,omitempty" tf:"customer_gre_endpoint,omitempty"` + + // An optional description of the GRE tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Specifies if ICMP tunnel health checks are enabled Default: true. + HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + + // The IP address of the customer endpoint that will receive tunnel health checks. Default: . + HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + + // Specifies the ICMP echo type for the health check (request or reply) Default: reply. + HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` + + // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + + // Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. Maximum value 1476 and minimum value 576. Default: 1476. + Mtu *float64 `json:"mtu,omitempty" tf:"mtu,omitempty"` + + // Name of the GRE tunnel. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // Time To Live (TTL) in number of hops of the GRE tunnel. Minimum value 64. Default: 64. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` +} + type GRETunnelObservation struct { + + // The ID of the account where the tunnel is being created. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // The IP address assigned to the Cloudflare side of the GRE tunnel. + CloudflareGreEndpoint *string `json:"cloudflareGreEndpoint,omitempty" tf:"cloudflare_gre_endpoint,omitempty"` + + // The IP address assigned to the customer side of the GRE tunnel. + CustomerGreEndpoint *string `json:"customerGreEndpoint,omitempty" tf:"customer_gre_endpoint,omitempty"` + + // An optional description of the GRE tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Specifies if ICMP tunnel health checks are enabled Default: true. + HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + + // The IP address of the customer endpoint that will receive tunnel health checks. Default: . + HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + + // Specifies the ICMP echo type for the health check (request or reply) Default: reply. + HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + + // Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. Maximum value 1476 and minimum value 576. Default: 1476. + Mtu *float64 `json:"mtu,omitempty" tf:"mtu,omitempty"` + + // Name of the GRE tunnel. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // Time To Live (TTL) in number of hops of the GRE tunnel. Minimum value 64. Default: 64. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` } type GRETunnelParameters struct { + // The ID of the account where the tunnel is being created. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,33 +118,43 @@ type GRETunnelParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - CloudflareGreEndpoint *string `json:"cloudflareGreEndpoint" tf:"cloudflare_gre_endpoint,omitempty"` + // The IP address assigned to the Cloudflare side of the GRE tunnel. + // +kubebuilder:validation:Optional + CloudflareGreEndpoint *string `json:"cloudflareGreEndpoint,omitempty" tf:"cloudflare_gre_endpoint,omitempty"` - // +kubebuilder:validation:Required - CustomerGreEndpoint *string `json:"customerGreEndpoint" tf:"customer_gre_endpoint,omitempty"` + // The IP address assigned to the customer side of the GRE tunnel. + // +kubebuilder:validation:Optional + CustomerGreEndpoint *string `json:"customerGreEndpoint,omitempty" tf:"customer_gre_endpoint,omitempty"` + // An optional description of the GRE tunnel. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // Specifies if ICMP tunnel health checks are enabled Default: true. // +kubebuilder:validation:Optional HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + // The IP address of the customer endpoint that will receive tunnel health checks. Default: . // +kubebuilder:validation:Optional HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + // Specifies the ICMP echo type for the health check (request or reply) Default: reply. // +kubebuilder:validation:Optional HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` - // +kubebuilder:validation:Required - InterfaceAddress *string `json:"interfaceAddress" tf:"interface_address,omitempty"` + // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + // +kubebuilder:validation:Optional + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + // Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. Maximum value 1476 and minimum value 576. Default: 1476. // +kubebuilder:validation:Optional Mtu *float64 `json:"mtu,omitempty" tf:"mtu,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // Name of the GRE tunnel. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // Time To Live (TTL) in number of hops of the GRE tunnel. Minimum value 64. Default: 64. // +kubebuilder:validation:Optional TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` } @@ -67,6 +163,17 @@ type GRETunnelParameters struct { type GRETunnelSpec struct { v1.ResourceSpec `json:",inline"` ForProvider GRETunnelParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider GRETunnelInitParameters `json:"initProvider,omitempty"` } // GRETunnelStatus defines the observed state of GRETunnel. @@ -76,19 +183,24 @@ type GRETunnelStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// GRETunnel is the Schema for the GRETunnels API. +// GRETunnel is the Schema for the GRETunnels API. Provides a resource which manages GRE tunnels for Magic Transit. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type GRETunnel struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec GRETunnelSpec `json:"spec"` - Status GRETunnelStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.cloudflareGreEndpoint) || (has(self.initProvider) && has(self.initProvider.cloudflareGreEndpoint))",message="spec.forProvider.cloudflareGreEndpoint is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.customerGreEndpoint) || (has(self.initProvider) && has(self.initProvider.customerGreEndpoint))",message="spec.forProvider.customerGreEndpoint is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.interfaceAddress) || (has(self.initProvider) && has(self.initProvider.interfaceAddress))",message="spec.forProvider.interfaceAddress is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec GRETunnelSpec `json:"spec"` + Status GRETunnelStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/magic/v1alpha1/zz_groupversion_info.go b/apis/magic/v1alpha1/zz_groupversion_info.go index 678ce85..a03e2d4 100755 --- a/apis/magic/v1alpha1/zz_groupversion_info.go +++ b/apis/magic/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/magic/v1alpha1/zz_ipsectunnel_terraformed.go b/apis/magic/v1alpha1/zz_ipsectunnel_terraformed.go new file mode 100755 index 0000000..62a2858 --- /dev/null +++ b/apis/magic/v1alpha1/zz_ipsectunnel_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this IPsecTunnel +func (mg *IPsecTunnel) GetTerraformResourceType() string { + return "cloudflare_ipsec_tunnel" +} + +// GetConnectionDetailsMapping for this IPsecTunnel +func (tr *IPsecTunnel) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"psk": "spec.forProvider.pskSecretRef"} +} + +// GetObservation of this IPsecTunnel +func (tr *IPsecTunnel) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this IPsecTunnel +func (tr *IPsecTunnel) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this IPsecTunnel +func (tr *IPsecTunnel) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this IPsecTunnel +func (tr *IPsecTunnel) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this IPsecTunnel +func (tr *IPsecTunnel) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this IPsecTunnel +func (tr *IPsecTunnel) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this IPsecTunnel +func (tr *IPsecTunnel) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this IPsecTunnel using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *IPsecTunnel) LateInitialize(attrs []byte) (bool, error) { + params := &IPsecTunnelParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *IPsecTunnel) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/magic/v1alpha1/zz_ipsectunnel_types.go b/apis/magic/v1alpha1/zz_ipsectunnel_types.go index 9601f20..a5f12e5 100755 --- a/apis/magic/v1alpha1/zz_ipsectunnel_types.go +++ b/apis/magic/v1alpha1/zz_ipsectunnel_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,139 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type IPsecTunnelInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + // Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. + AllowNullCipher *bool `json:"allowNullCipher,omitempty" tf:"allow_null_cipher,omitempty"` + + // (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + // IP address assigned to the Cloudflare side of the IPsec tunnel. + CloudflareEndpoint *string `json:"cloudflareEndpoint,omitempty" tf:"cloudflare_endpoint,omitempty"` + + // (String) IP address assigned to the customer side of the IPsec tunnel. + // IP address assigned to the customer side of the IPsec tunnel. + CustomerEndpoint *string `json:"customerEndpoint,omitempty" tf:"customer_endpoint,omitempty"` + + // (String) An optional description of the IPsec tunnel. + // An optional description of the IPsec tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + // `remote_id` in the form of a fqdn. This value is generated by cloudflare. + FqdnID *string `json:"fqdnId,omitempty" tf:"fqdn_id,omitempty"` + + // (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. + // Specifies if ICMP tunnel health checks are enabled. Default: `true`. + HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + + // (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . + // The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. + HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + + // (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. + // Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. + HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` + + // (String) remote_id as a hex string. This value is generated by cloudflare. + // `remote_id` as a hex string. This value is generated by cloudflare. + HexID *string `json:"hexId,omitempty" tf:"hex_id,omitempty"` + + // bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + + // (String) Name of the IPsec tunnel. + // Name of the IPsec tunnel. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + // ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + RemoteID *string `json:"remoteId,omitempty" tf:"remote_id,omitempty"` + + // (String) remote_id in the form of an email address. This value is generated by cloudflare. + // `remote_id` in the form of an email address. This value is generated by cloudflare. + UserID *string `json:"userId,omitempty" tf:"user_id,omitempty"` +} + type IPsecTunnelObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + // Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. + AllowNullCipher *bool `json:"allowNullCipher,omitempty" tf:"allow_null_cipher,omitempty"` + + // (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + // IP address assigned to the Cloudflare side of the IPsec tunnel. + CloudflareEndpoint *string `json:"cloudflareEndpoint,omitempty" tf:"cloudflare_endpoint,omitempty"` + + // (String) IP address assigned to the customer side of the IPsec tunnel. + // IP address assigned to the customer side of the IPsec tunnel. + CustomerEndpoint *string `json:"customerEndpoint,omitempty" tf:"customer_endpoint,omitempty"` + + // (String) An optional description of the IPsec tunnel. + // An optional description of the IPsec tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + // `remote_id` in the form of a fqdn. This value is generated by cloudflare. + FqdnID *string `json:"fqdnId,omitempty" tf:"fqdn_id,omitempty"` + + // (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. + // Specifies if ICMP tunnel health checks are enabled. Default: `true`. + HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + + // (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . + // The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. + HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + + // (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. + // Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. + HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` + + // (String) remote_id as a hex string. This value is generated by cloudflare. + // `remote_id` as a hex string. This value is generated by cloudflare. + HexID *string `json:"hexId,omitempty" tf:"hex_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + + // (String) Name of the IPsec tunnel. + // Name of the IPsec tunnel. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + // ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + RemoteID *string `json:"remoteId,omitempty" tf:"remote_id,omitempty"` + + // (String) remote_id in the form of an email address. This value is generated by cloudflare. + // `remote_id` in the form of an email address. This value is generated by cloudflare. + UserID *string `json:"userId,omitempty" tf:"user_id,omitempty"` } type IPsecTunnelParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,58 +163,72 @@ type IPsecTunnelParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. // Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. // +kubebuilder:validation:Optional AllowNullCipher *bool `json:"allowNullCipher,omitempty" tf:"allow_null_cipher,omitempty"` + // (String) IP address assigned to the Cloudflare side of the IPsec tunnel. // IP address assigned to the Cloudflare side of the IPsec tunnel. - // +kubebuilder:validation:Required - CloudflareEndpoint *string `json:"cloudflareEndpoint" tf:"cloudflare_endpoint,omitempty"` + // +kubebuilder:validation:Optional + CloudflareEndpoint *string `json:"cloudflareEndpoint,omitempty" tf:"cloudflare_endpoint,omitempty"` + // (String) IP address assigned to the customer side of the IPsec tunnel. // IP address assigned to the customer side of the IPsec tunnel. - // +kubebuilder:validation:Required - CustomerEndpoint *string `json:"customerEndpoint" tf:"customer_endpoint,omitempty"` + // +kubebuilder:validation:Optional + CustomerEndpoint *string `json:"customerEndpoint,omitempty" tf:"customer_endpoint,omitempty"` + // (String) An optional description of the IPsec tunnel. // An optional description of the IPsec tunnel. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) remote_id in the form of a fqdn. This value is generated by cloudflare. // `remote_id` in the form of a fqdn. This value is generated by cloudflare. // +kubebuilder:validation:Optional FqdnID *string `json:"fqdnId,omitempty" tf:"fqdn_id,omitempty"` + // (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. // Specifies if ICMP tunnel health checks are enabled. Default: `true`. // +kubebuilder:validation:Optional HealthCheckEnabled *bool `json:"healthCheckEnabled,omitempty" tf:"health_check_enabled,omitempty"` + // (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . // The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. // +kubebuilder:validation:Optional HealthCheckTarget *string `json:"healthCheckTarget,omitempty" tf:"health_check_target,omitempty"` + // (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. // Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. // +kubebuilder:validation:Optional HealthCheckType *string `json:"healthCheckType,omitempty" tf:"health_check_type,omitempty"` + // (String) remote_id as a hex string. This value is generated by cloudflare. // `remote_id` as a hex string. This value is generated by cloudflare. // +kubebuilder:validation:Optional HexID *string `json:"hexId,omitempty" tf:"hex_id,omitempty"` + // bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. // 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. - // +kubebuilder:validation:Required - InterfaceAddress *string `json:"interfaceAddress" tf:"interface_address,omitempty"` + // +kubebuilder:validation:Optional + InterfaceAddress *string `json:"interfaceAddress,omitempty" tf:"interface_address,omitempty"` + // (String) Name of the IPsec tunnel. // Name of the IPsec tunnel. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String, Sensitive) Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated. // Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated. // +kubebuilder:validation:Optional PskSecretRef *v1.SecretKeySelector `json:"pskSecretRef,omitempty" tf:"-"` + // (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. // ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. // +kubebuilder:validation:Optional RemoteID *string `json:"remoteId,omitempty" tf:"remote_id,omitempty"` + // (String) remote_id in the form of an email address. This value is generated by cloudflare. // `remote_id` in the form of an email address. This value is generated by cloudflare. // +kubebuilder:validation:Optional UserID *string `json:"userId,omitempty" tf:"user_id,omitempty"` @@ -93,6 +238,17 @@ type IPsecTunnelParameters struct { type IPsecTunnelSpec struct { v1.ResourceSpec `json:",inline"` ForProvider IPsecTunnelParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider IPsecTunnelInitParameters `json:"initProvider,omitempty"` } // IPsecTunnelStatus defines the observed state of IPsecTunnel. @@ -102,19 +258,24 @@ type IPsecTunnelStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// IPsecTunnel is the Schema for the IPsecTunnels API. +// IPsecTunnel is the Schema for the IPsecTunnels API. Provides a resource, that manages IPsec tunnels for Magic Transit. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type IPsecTunnel struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec IPsecTunnelSpec `json:"spec"` - Status IPsecTunnelStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.cloudflareEndpoint) || (has(self.initProvider) && has(self.initProvider.cloudflareEndpoint))",message="spec.forProvider.cloudflareEndpoint is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.customerEndpoint) || (has(self.initProvider) && has(self.initProvider.customerEndpoint))",message="spec.forProvider.customerEndpoint is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.interfaceAddress) || (has(self.initProvider) && has(self.initProvider.interfaceAddress))",message="spec.forProvider.interfaceAddress is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec IPsecTunnelSpec `json:"spec"` + Status IPsecTunnelStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/magic/v1alpha1/zz_staticroute_terraformed.go b/apis/magic/v1alpha1/zz_staticroute_terraformed.go new file mode 100755 index 0000000..78803f2 --- /dev/null +++ b/apis/magic/v1alpha1/zz_staticroute_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this StaticRoute +func (mg *StaticRoute) GetTerraformResourceType() string { + return "cloudflare_static_route" +} + +// GetConnectionDetailsMapping for this StaticRoute +func (tr *StaticRoute) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this StaticRoute +func (tr *StaticRoute) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this StaticRoute +func (tr *StaticRoute) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this StaticRoute +func (tr *StaticRoute) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this StaticRoute +func (tr *StaticRoute) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this StaticRoute +func (tr *StaticRoute) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this StaticRoute +func (tr *StaticRoute) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this StaticRoute +func (tr *StaticRoute) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this StaticRoute using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *StaticRoute) LateInitialize(attrs []byte) (bool, error) { + params := &StaticRouteParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *StaticRoute) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/magic/v1alpha1/zz_staticroute_types.go b/apis/magic/v1alpha1/zz_staticroute_types.go index 180b610..c86347d 100755 --- a/apis/magic/v1alpha1/zz_staticroute_types.go +++ b/apis/magic/v1alpha1/zz_staticroute_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,78 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type StaticRouteInitParameters struct { + + // The ID of the account where the static route is being created. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Optional list of Cloudflare colocation names for this static route. + ColoNames []*string `json:"coloNames,omitempty" tf:"colo_names,omitempty"` + + // Optional list of Cloudflare colocation regions for this static route. + ColoRegions []*string `json:"coloRegions,omitempty" tf:"colo_regions,omitempty"` + + // Description of the static route. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The nexthop IP address where traffic will be routed to. + Nexthop *string `json:"nexthop,omitempty" tf:"nexthop,omitempty"` + + // Your network prefix using CIDR notation. + Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` + + // The priority for the static route. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // The optional weight for ECMP routes. + // **Modifying this attribute will force creation of a new resource.** + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` +} + type StaticRouteObservation struct { + + // The ID of the account where the static route is being created. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Optional list of Cloudflare colocation names for this static route. + ColoNames []*string `json:"coloNames,omitempty" tf:"colo_names,omitempty"` + + // Optional list of Cloudflare colocation regions for this static route. + ColoRegions []*string `json:"coloRegions,omitempty" tf:"colo_regions,omitempty"` + + // Description of the static route. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The nexthop IP address where traffic will be routed to. + Nexthop *string `json:"nexthop,omitempty" tf:"nexthop,omitempty"` + + // Your network prefix using CIDR notation. + Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` + + // The priority for the static route. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // The optional weight for ECMP routes. + // **Modifying this attribute will force creation of a new resource.** + Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` } type StaticRouteParameters struct { + // The ID of the account where the static route is being created. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,24 +102,31 @@ type StaticRouteParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Optional list of Cloudflare colocation names for this static route. // +kubebuilder:validation:Optional ColoNames []*string `json:"coloNames,omitempty" tf:"colo_names,omitempty"` + // Optional list of Cloudflare colocation regions for this static route. // +kubebuilder:validation:Optional ColoRegions []*string `json:"coloRegions,omitempty" tf:"colo_regions,omitempty"` + // Description of the static route. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` - // +kubebuilder:validation:Required - Nexthop *string `json:"nexthop" tf:"nexthop,omitempty"` + // The nexthop IP address where traffic will be routed to. + // +kubebuilder:validation:Optional + Nexthop *string `json:"nexthop,omitempty" tf:"nexthop,omitempty"` - // +kubebuilder:validation:Required - Prefix *string `json:"prefix" tf:"prefix,omitempty"` + // Your network prefix using CIDR notation. + // +kubebuilder:validation:Optional + Prefix *string `json:"prefix,omitempty" tf:"prefix,omitempty"` - // +kubebuilder:validation:Required - Priority *float64 `json:"priority" tf:"priority,omitempty"` + // The priority for the static route. + // +kubebuilder:validation:Optional + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // The optional weight for ECMP routes. // **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional Weight *float64 `json:"weight,omitempty" tf:"weight,omitempty"` @@ -59,6 +136,17 @@ type StaticRouteParameters struct { type StaticRouteSpec struct { v1.ResourceSpec `json:",inline"` ForProvider StaticRouteParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider StaticRouteInitParameters `json:"initProvider,omitempty"` } // StaticRouteStatus defines the observed state of StaticRoute. @@ -68,19 +156,23 @@ type StaticRouteStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// StaticRoute is the Schema for the StaticRoutes API. +// StaticRoute is the Schema for the StaticRoutes API. Provides a resource which manages Cloudflare static routes for Magic Transit or Magic WAN. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type StaticRoute struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec StaticRouteSpec `json:"spec"` - Status StaticRouteStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.nexthop) || (has(self.initProvider) && has(self.initProvider.nexthop))",message="spec.forProvider.nexthop is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.prefix) || (has(self.initProvider) && has(self.initProvider.prefix))",message="spec.forProvider.prefix is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.priority) || (has(self.initProvider) && has(self.initProvider.priority))",message="spec.forProvider.priority is a required parameter" + Spec StaticRouteSpec `json:"spec"` + Status StaticRouteStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/notification/v1alpha1/zz_generated.conversion_hubs.go b/apis/notification/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..d5c8faf --- /dev/null +++ b/apis/notification/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Policy) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *PolicyWebhooks) Hub() {} diff --git a/apis/notification/v1alpha1/zz_generated.deepcopy.go b/apis/notification/v1alpha1/zz_generated.deepcopy.go index 86f520b..d80c862 100644 --- a/apis/notification/v1alpha1/zz_generated.deepcopy.go +++ b/apis/notification/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,44 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EmailIntegrationInitParameters) DeepCopyInto(out *EmailIntegrationInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmailIntegrationInitParameters. +func (in *EmailIntegrationInitParameters) DeepCopy() *EmailIntegrationInitParameters { + if in == nil { + return nil + } + out := new(EmailIntegrationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EmailIntegrationObservation) DeepCopyInto(out *EmailIntegrationObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmailIntegrationObservation. @@ -54,9 +88,420 @@ func (in *EmailIntegrationParameters) DeepCopy() *EmailIntegrationParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FiltersInitParameters) DeepCopyInto(out *FiltersInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EventSource != nil { + in, out := &in.EventSource, &out.EventSource + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EventType != nil { + in, out := &in.EventType, &out.EventType + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.HealthCheckID != nil { + in, out := &in.HealthCheckID, &out.HealthCheckID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.InputID != nil { + in, out := &in.InputID, &out.InputID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Limit != nil { + in, out := &in.Limit, &out.Limit + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.NewHealth != nil { + in, out := &in.NewHealth, &out.NewHealth + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PacketsPerSecond != nil { + in, out := &in.PacketsPerSecond, &out.PacketsPerSecond + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PoolID != nil { + in, out := &in.PoolID, &out.PoolID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Product != nil { + in, out := &in.Product, &out.Product + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RequestsPerSecond != nil { + in, out := &in.RequestsPerSecond, &out.RequestsPerSecond + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.SLO != nil { + in, out := &in.SLO, &out.SLO + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Services != nil { + in, out := &in.Services, &out.Services + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.TargetHost != nil { + in, out := &in.TargetHost, &out.TargetHost + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.TargetZoneName != nil { + in, out := &in.TargetZoneName, &out.TargetZoneName + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Zones != nil { + in, out := &in.Zones, &out.Zones + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FiltersInitParameters. +func (in *FiltersInitParameters) DeepCopy() *FiltersInitParameters { + if in == nil { + return nil + } + out := new(FiltersInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FiltersObservation) DeepCopyInto(out *FiltersObservation) { *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EventSource != nil { + in, out := &in.EventSource, &out.EventSource + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.EventType != nil { + in, out := &in.EventType, &out.EventType + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.HealthCheckID != nil { + in, out := &in.HealthCheckID, &out.HealthCheckID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.InputID != nil { + in, out := &in.InputID, &out.InputID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Limit != nil { + in, out := &in.Limit, &out.Limit + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.NewHealth != nil { + in, out := &in.NewHealth, &out.NewHealth + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PacketsPerSecond != nil { + in, out := &in.PacketsPerSecond, &out.PacketsPerSecond + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PoolID != nil { + in, out := &in.PoolID, &out.PoolID + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Product != nil { + in, out := &in.Product, &out.Product + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RequestsPerSecond != nil { + in, out := &in.RequestsPerSecond, &out.RequestsPerSecond + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.SLO != nil { + in, out := &in.SLO, &out.SLO + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Services != nil { + in, out := &in.Services, &out.Services + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.TargetHost != nil { + in, out := &in.TargetHost, &out.TargetHost + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.TargetZoneName != nil { + in, out := &in.TargetZoneName, &out.TargetZoneName + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Zones != nil { + in, out := &in.Zones, &out.Zones + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FiltersObservation. @@ -282,9 +727,44 @@ func (in *FiltersParameters) DeepCopy() *FiltersParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PagerdutyIntegrationInitParameters) DeepCopyInto(out *PagerdutyIntegrationInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PagerdutyIntegrationInitParameters. +func (in *PagerdutyIntegrationInitParameters) DeepCopy() *PagerdutyIntegrationInitParameters { + if in == nil { + return nil + } + out := new(PagerdutyIntegrationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PagerdutyIntegrationObservation) DeepCopyInto(out *PagerdutyIntegrationObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PagerdutyIntegrationObservation. @@ -349,6 +829,84 @@ func (in *Policy) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyInitParameters) DeepCopyInto(out *PolicyInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AlertType != nil { + in, out := &in.AlertType, &out.AlertType + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.EmailIntegration != nil { + in, out := &in.EmailIntegration, &out.EmailIntegration + *out = make([]EmailIntegrationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]FiltersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PagerdutyIntegration != nil { + in, out := &in.PagerdutyIntegration, &out.PagerdutyIntegration + *out = make([]PagerdutyIntegrationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WebhooksIntegration != nil { + in, out := &in.WebhooksIntegration, &out.WebhooksIntegration + *out = make([]WebhooksIntegrationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyInitParameters. +func (in *PolicyInitParameters) DeepCopy() *PolicyInitParameters { + if in == nil { + return nil + } + out := new(PolicyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PolicyList) DeepCopyInto(out *PolicyList) { *out = *in @@ -384,11 +942,45 @@ func (in *PolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AlertType != nil { + in, out := &in.AlertType, &out.AlertType + *out = new(string) + **out = **in + } if in.Created != nil { in, out := &in.Created, &out.Created *out = new(string) **out = **in } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.EmailIntegration != nil { + in, out := &in.EmailIntegration, &out.EmailIntegration + *out = make([]EmailIntegrationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]FiltersObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -399,6 +991,25 @@ func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PagerdutyIntegration != nil { + in, out := &in.PagerdutyIntegration, &out.PagerdutyIntegration + *out = make([]PagerdutyIntegrationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WebhooksIntegration != nil { + in, out := &in.WebhooksIntegration, &out.WebhooksIntegration + *out = make([]WebhooksIntegrationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyObservation. @@ -494,6 +1105,7 @@ func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. @@ -550,6 +1162,51 @@ func (in *PolicyWebhooks) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyWebhooksInitParameters) DeepCopyInto(out *PolicyWebhooksInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Secret != nil { + in, out := &in.Secret, &out.Secret + *out = new(string) + **out = **in + } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyWebhooksInitParameters. +func (in *PolicyWebhooksInitParameters) DeepCopy() *PolicyWebhooksInitParameters { + if in == nil { + return nil + } + out := new(PolicyWebhooksInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PolicyWebhooksList) DeepCopyInto(out *PolicyWebhooksList) { *out = *in @@ -585,6 +1242,11 @@ func (in *PolicyWebhooksList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PolicyWebhooksObservation) DeepCopyInto(out *PolicyWebhooksObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.CreatedAt != nil { in, out := &in.CreatedAt, &out.CreatedAt *out = new(string) @@ -605,11 +1267,26 @@ func (in *PolicyWebhooksObservation) DeepCopyInto(out *PolicyWebhooksObservation *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Secret != nil { + in, out := &in.Secret, &out.Secret + *out = new(string) + **out = **in + } if in.Type != nil { in, out := &in.Type, &out.Type *out = new(string) **out = **in } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyWebhooksObservation. @@ -672,6 +1349,7 @@ func (in *PolicyWebhooksSpec) DeepCopyInto(out *PolicyWebhooksSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyWebhooksSpec. @@ -701,9 +1379,54 @@ func (in *PolicyWebhooksStatus) DeepCopy() *PolicyWebhooksStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhooksIntegrationInitParameters) DeepCopyInto(out *WebhooksIntegrationInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.IDRef != nil { + in, out := &in.IDRef, &out.IDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.IDSelector != nil { + in, out := &in.IDSelector, &out.IDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhooksIntegrationInitParameters. +func (in *WebhooksIntegrationInitParameters) DeepCopy() *WebhooksIntegrationInitParameters { + if in == nil { + return nil + } + out := new(WebhooksIntegrationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebhooksIntegrationObservation) DeepCopyInto(out *WebhooksIntegrationObservation) { *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhooksIntegrationObservation. diff --git a/apis/notification/v1alpha1/zz_generated.managed.go b/apis/notification/v1alpha1/zz_generated.managed.go index f4a4462..ecd28b1 100644 --- a/apis/notification/v1alpha1/zz_generated.managed.go +++ b/apis/notification/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Policy) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Policy. +func (mg *Policy) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Policy. func (mg *Policy) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Policy. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Policy) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Policy. func (mg *Policy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Policy) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Policy. +func (mg *Policy) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Policy. func (mg *Policy) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Policy. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Policy) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Policy. func (mg *Policy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *PolicyWebhooks) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this PolicyWebhooks. +func (mg *PolicyWebhooks) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this PolicyWebhooks. func (mg *PolicyWebhooks) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this PolicyWebhooks. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *PolicyWebhooks) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this PolicyWebhooks. func (mg *PolicyWebhooks) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *PolicyWebhooks) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this PolicyWebhooks. +func (mg *PolicyWebhooks) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this PolicyWebhooks. func (mg *PolicyWebhooks) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this PolicyWebhooks. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *PolicyWebhooks) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this PolicyWebhooks. func (mg *PolicyWebhooks) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/notification/v1alpha1/zz_generated.resolvers.go b/apis/notification/v1alpha1/zz_generated.resolvers.go index 08dbe6c..d74e0cf 100644 --- a/apis/notification/v1alpha1/zz_generated.resolvers.go +++ b/apis/notification/v1alpha1/zz_generated.resolvers.go @@ -53,6 +53,40 @@ func (mg *Policy) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.WebhooksIntegration[i3].ID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.WebhooksIntegration[i3].IDRef = rsp.ResolvedReference + } + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + for i3 := 0; i3 < len(mg.Spec.InitProvider.WebhooksIntegration); i3++ { + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.WebhooksIntegration[i3].ID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.WebhooksIntegration[i3].IDRef, + Selector: mg.Spec.InitProvider.WebhooksIntegration[i3].IDSelector, + To: reference.To{ + List: &PolicyWebhooksList{}, + Managed: &PolicyWebhooks{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.WebhooksIntegration[i3].ID") + } + mg.Spec.InitProvider.WebhooksIntegration[i3].ID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.WebhooksIntegration[i3].IDRef = rsp.ResolvedReference + } return nil @@ -81,5 +115,21 @@ func (mg *PolicyWebhooks) ResolveReferences(ctx context.Context, c client.Reader mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/notification/v1alpha1/zz_groupversion_info.go b/apis/notification/v1alpha1/zz_groupversion_info.go index 119212a..5130060 100755 --- a/apis/notification/v1alpha1/zz_groupversion_info.go +++ b/apis/notification/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/notification/v1alpha1/zz_policy_terraformed.go b/apis/notification/v1alpha1/zz_policy_terraformed.go new file mode 100755 index 0000000..301d992 --- /dev/null +++ b/apis/notification/v1alpha1/zz_policy_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Policy +func (mg *Policy) GetTerraformResourceType() string { + return "cloudflare_notification_policy" +} + +// GetConnectionDetailsMapping for this Policy +func (tr *Policy) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Policy +func (tr *Policy) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Policy +func (tr *Policy) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Policy +func (tr *Policy) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Policy +func (tr *Policy) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Policy +func (tr *Policy) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Policy +func (tr *Policy) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Policy +func (tr *Policy) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Policy using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Policy) LateInitialize(attrs []byte) (bool, error) { + params := &PolicyParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Policy) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/notification/v1alpha1/zz_policy_types.go b/apis/notification/v1alpha1/zz_policy_types.go index 333efe7..164955e 100755 --- a/apis/notification/v1alpha1/zz_policy_types.go +++ b/apis/notification/v1alpha1/zz_policy_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,120 +17,459 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type EmailIntegrationInitParameters struct { + + // (String) The ID of this resource. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type EmailIntegrationObservation struct { + + // (String) The ID of this resource. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type EmailIntegrationParameters struct { - // +kubebuilder:validation:Required + // (String) The ID of this resource. + // +kubebuilder:validation:Optional ID *string `json:"id" tf:"id,omitempty"` + // (String) The name of the notification policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` } +type FiltersInitParameters struct { + + // (Boolean) The status of the notification policy. + // State of the pool to alert on. + // +listType=set + Enabled []*string `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Set of String) Source configuration to alert on for pool or origin. + // Source configuration to alert on for pool or origin. + // +listType=set + EventSource []*string `json:"eventSource,omitempty" tf:"event_source,omitempty"` + + // (Set of String) Stream event type to alert on. + // Stream event type to alert on. + // +listType=set + EventType []*string `json:"eventType,omitempty" tf:"event_type,omitempty"` + + // (Set of String) Identifier health check. Required when using filters.0.status. + // Identifier health check. Required when using `filters.0.status`. + // +listType=set + HealthCheckID []*string `json:"healthCheckId,omitempty" tf:"health_check_id,omitempty"` + + // (Set of String) Stream input id to alert on. + // Stream input id to alert on. + // +listType=set + InputID []*string `json:"inputId,omitempty" tf:"input_id,omitempty"` + + // (Set of String) A numerical limit. Example: 100. + // A numerical limit. Example: `100`. + // +listType=set + Limit []*string `json:"limit,omitempty" tf:"limit,omitempty"` + + // (Set of String) Health status to alert on for pool or origin. + // Health status to alert on for pool or origin. + // +listType=set + NewHealth []*string `json:"newHealth,omitempty" tf:"new_health,omitempty"` + + // (Set of String) Packets per second threshold for dos alert. + // Packets per second threshold for dos alert. + // +listType=set + PacketsPerSecond []*string `json:"packetsPerSecond,omitempty" tf:"packets_per_second,omitempty"` + + // (Set of String) Load balancer pool identifier. + // Load balancer pool identifier. + // +listType=set + PoolID []*string `json:"poolId,omitempty" tf:"pool_id,omitempty"` + + // (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. + // Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. + // +listType=set + Product []*string `json:"product,omitempty" tf:"product,omitempty"` + + // (Set of String) Protocol to alert on for dos. + // Protocol to alert on for dos. + // +listType=set + Protocol []*string `json:"protocol,omitempty" tf:"protocol,omitempty"` + + // (Set of String) Requests per second threshold for dos alert. + // Requests per second threshold for dos alert. + // +listType=set + RequestsPerSecond []*string `json:"requestsPerSecond,omitempty" tf:"requests_per_second,omitempty"` + + // (Set of String) A numerical limit. Example: 99.9. + // A numerical limit. Example: `99.9`. + // +listType=set + SLO []*string `json:"slo,omitempty" tf:"slo,omitempty"` + + // (Set of String) + // +listType=set + Services []*string `json:"services,omitempty" tf:"services,omitempty"` + + // (Set of String) Status to alert on. + // Status to alert on. + // +listType=set + Status []*string `json:"status,omitempty" tf:"status,omitempty"` + + // (Set of String) Target host to alert on for dos. + // Target host to alert on for dos. + // +listType=set + TargetHost []*string `json:"targetHost,omitempty" tf:"target_host,omitempty"` + + // (Set of String) Target domain to alert on. + // Target domain to alert on. + // +listType=set + TargetZoneName []*string `json:"targetZoneName,omitempty" tf:"target_zone_name,omitempty"` + + // (Set of String) A list of zone identifiers. + // A list of zone identifiers. + // +listType=set + Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` +} + type FiltersObservation struct { + + // (Boolean) The status of the notification policy. + // State of the pool to alert on. + // +listType=set + Enabled []*string `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Set of String) Source configuration to alert on for pool or origin. + // Source configuration to alert on for pool or origin. + // +listType=set + EventSource []*string `json:"eventSource,omitempty" tf:"event_source,omitempty"` + + // (Set of String) Stream event type to alert on. + // Stream event type to alert on. + // +listType=set + EventType []*string `json:"eventType,omitempty" tf:"event_type,omitempty"` + + // (Set of String) Identifier health check. Required when using filters.0.status. + // Identifier health check. Required when using `filters.0.status`. + // +listType=set + HealthCheckID []*string `json:"healthCheckId,omitempty" tf:"health_check_id,omitempty"` + + // (Set of String) Stream input id to alert on. + // Stream input id to alert on. + // +listType=set + InputID []*string `json:"inputId,omitempty" tf:"input_id,omitempty"` + + // (Set of String) A numerical limit. Example: 100. + // A numerical limit. Example: `100`. + // +listType=set + Limit []*string `json:"limit,omitempty" tf:"limit,omitempty"` + + // (Set of String) Health status to alert on for pool or origin. + // Health status to alert on for pool or origin. + // +listType=set + NewHealth []*string `json:"newHealth,omitempty" tf:"new_health,omitempty"` + + // (Set of String) Packets per second threshold for dos alert. + // Packets per second threshold for dos alert. + // +listType=set + PacketsPerSecond []*string `json:"packetsPerSecond,omitempty" tf:"packets_per_second,omitempty"` + + // (Set of String) Load balancer pool identifier. + // Load balancer pool identifier. + // +listType=set + PoolID []*string `json:"poolId,omitempty" tf:"pool_id,omitempty"` + + // (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. + // Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. + // +listType=set + Product []*string `json:"product,omitempty" tf:"product,omitempty"` + + // (Set of String) Protocol to alert on for dos. + // Protocol to alert on for dos. + // +listType=set + Protocol []*string `json:"protocol,omitempty" tf:"protocol,omitempty"` + + // (Set of String) Requests per second threshold for dos alert. + // Requests per second threshold for dos alert. + // +listType=set + RequestsPerSecond []*string `json:"requestsPerSecond,omitempty" tf:"requests_per_second,omitempty"` + + // (Set of String) A numerical limit. Example: 99.9. + // A numerical limit. Example: `99.9`. + // +listType=set + SLO []*string `json:"slo,omitempty" tf:"slo,omitempty"` + + // (Set of String) + // +listType=set + Services []*string `json:"services,omitempty" tf:"services,omitempty"` + + // (Set of String) Status to alert on. + // Status to alert on. + // +listType=set + Status []*string `json:"status,omitempty" tf:"status,omitempty"` + + // (Set of String) Target host to alert on for dos. + // Target host to alert on for dos. + // +listType=set + TargetHost []*string `json:"targetHost,omitempty" tf:"target_host,omitempty"` + + // (Set of String) Target domain to alert on. + // Target domain to alert on. + // +listType=set + TargetZoneName []*string `json:"targetZoneName,omitempty" tf:"target_zone_name,omitempty"` + + // (Set of String) A list of zone identifiers. + // A list of zone identifiers. + // +listType=set + Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` } type FiltersParameters struct { + // (Boolean) The status of the notification policy. // State of the pool to alert on. // +kubebuilder:validation:Optional + // +listType=set Enabled []*string `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Set of String) Source configuration to alert on for pool or origin. // Source configuration to alert on for pool or origin. // +kubebuilder:validation:Optional + // +listType=set EventSource []*string `json:"eventSource,omitempty" tf:"event_source,omitempty"` + // (Set of String) Stream event type to alert on. // Stream event type to alert on. // +kubebuilder:validation:Optional + // +listType=set EventType []*string `json:"eventType,omitempty" tf:"event_type,omitempty"` + // (Set of String) Identifier health check. Required when using filters.0.status. // Identifier health check. Required when using `filters.0.status`. // +kubebuilder:validation:Optional + // +listType=set HealthCheckID []*string `json:"healthCheckId,omitempty" tf:"health_check_id,omitempty"` + // (Set of String) Stream input id to alert on. // Stream input id to alert on. // +kubebuilder:validation:Optional + // +listType=set InputID []*string `json:"inputId,omitempty" tf:"input_id,omitempty"` + // (Set of String) A numerical limit. Example: 100. // A numerical limit. Example: `100`. // +kubebuilder:validation:Optional + // +listType=set Limit []*string `json:"limit,omitempty" tf:"limit,omitempty"` + // (Set of String) Health status to alert on for pool or origin. // Health status to alert on for pool or origin. // +kubebuilder:validation:Optional + // +listType=set NewHealth []*string `json:"newHealth,omitempty" tf:"new_health,omitempty"` + // (Set of String) Packets per second threshold for dos alert. // Packets per second threshold for dos alert. // +kubebuilder:validation:Optional + // +listType=set PacketsPerSecond []*string `json:"packetsPerSecond,omitempty" tf:"packets_per_second,omitempty"` + // (Set of String) Load balancer pool identifier. // Load balancer pool identifier. // +kubebuilder:validation:Optional + // +listType=set PoolID []*string `json:"poolId,omitempty" tf:"pool_id,omitempty"` + // (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. // Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. // +kubebuilder:validation:Optional + // +listType=set Product []*string `json:"product,omitempty" tf:"product,omitempty"` + // (Set of String) Protocol to alert on for dos. // Protocol to alert on for dos. // +kubebuilder:validation:Optional + // +listType=set Protocol []*string `json:"protocol,omitempty" tf:"protocol,omitempty"` + // (Set of String) Requests per second threshold for dos alert. // Requests per second threshold for dos alert. // +kubebuilder:validation:Optional + // +listType=set RequestsPerSecond []*string `json:"requestsPerSecond,omitempty" tf:"requests_per_second,omitempty"` + // (Set of String) A numerical limit. Example: 99.9. // A numerical limit. Example: `99.9`. // +kubebuilder:validation:Optional + // +listType=set SLO []*string `json:"slo,omitempty" tf:"slo,omitempty"` + // (Set of String) // +kubebuilder:validation:Optional + // +listType=set Services []*string `json:"services,omitempty" tf:"services,omitempty"` + // (Set of String) Status to alert on. // Status to alert on. // +kubebuilder:validation:Optional + // +listType=set Status []*string `json:"status,omitempty" tf:"status,omitempty"` + // (Set of String) Target host to alert on for dos. // Target host to alert on for dos. // +kubebuilder:validation:Optional + // +listType=set TargetHost []*string `json:"targetHost,omitempty" tf:"target_host,omitempty"` + // (Set of String) Target domain to alert on. // Target domain to alert on. // +kubebuilder:validation:Optional + // +listType=set TargetZoneName []*string `json:"targetZoneName,omitempty" tf:"target_zone_name,omitempty"` + // (Set of String) A list of zone identifiers. // A list of zone identifiers. // +kubebuilder:validation:Optional + // +listType=set Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` } +type PagerdutyIntegrationInitParameters struct { + + // (String) The ID of this resource. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type PagerdutyIntegrationObservation struct { + + // (String) The ID of this resource. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type PagerdutyIntegrationParameters struct { - // +kubebuilder:validation:Required + // (String) The ID of this resource. + // +kubebuilder:validation:Optional ID *string `json:"id" tf:"id,omitempty"` + // (String) The name of the notification policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` } +type PolicyInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. + AlertType *string `json:"alertType,omitempty" tf:"alert_type,omitempty"` + + // (String) Description of the notification policy. + // Description of the notification policy. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + EmailIntegration []EmailIntegrationInitParameters `json:"emailIntegration,omitempty" tf:"email_integration,omitempty"` + + // (Boolean) The status of the notification policy. + // The status of the notification policy. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) + // An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). + Filters []FiltersInitParameters `json:"filters,omitempty" tf:"filters,omitempty"` + + // (String) The name of the notification policy. + // The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + PagerdutyIntegration []PagerdutyIntegrationInitParameters `json:"pagerdutyIntegration,omitempty" tf:"pagerduty_integration,omitempty"` + + // (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + WebhooksIntegration []WebhooksIntegrationInitParameters `json:"webhooksIntegration,omitempty" tf:"webhooks_integration,omitempty"` +} + type PolicyObservation struct { + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. + AlertType *string `json:"alertType,omitempty" tf:"alert_type,omitempty"` + + // (String) When the notification policy was created. // When the notification policy was created. Created *string `json:"created,omitempty" tf:"created,omitempty"` + // (String) Description of the notification policy. + // Description of the notification policy. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + EmailIntegration []EmailIntegrationObservation `json:"emailIntegration,omitempty" tf:"email_integration,omitempty"` + + // (Boolean) The status of the notification policy. + // The status of the notification policy. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) + // An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). + Filters []FiltersObservation `json:"filters,omitempty" tf:"filters,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) When the notification policy was last modified. // When the notification policy was last modified. Modified *string `json:"modified,omitempty" tf:"modified,omitempty"` + + // (String) The name of the notification policy. + // The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + PagerdutyIntegration []PagerdutyIntegrationObservation `json:"pagerdutyIntegration,omitempty" tf:"pagerduty_integration,omitempty"` + + // (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + // The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + WebhooksIntegration []WebhooksIntegrationObservation `json:"webhooksIntegration,omitempty" tf:"webhooks_integration,omitempty"` } type PolicyParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -140,44 +483,77 @@ type PolicyParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. - // +kubebuilder:validation:Required - AlertType *string `json:"alertType" tf:"alert_type,omitempty"` + // +kubebuilder:validation:Optional + AlertType *string `json:"alertType,omitempty" tf:"alert_type,omitempty"` + // (String) Description of the notification policy. // Description of the notification policy. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) // The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. // +kubebuilder:validation:Optional EmailIntegration []EmailIntegrationParameters `json:"emailIntegration,omitempty" tf:"email_integration,omitempty"` + // (Boolean) The status of the notification policy. // The status of the notification policy. - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) // An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). // +kubebuilder:validation:Optional Filters []FiltersParameters `json:"filters,omitempty" tf:"filters,omitempty"` + // (String) The name of the notification policy. // The name of the notification policy. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) // The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. // +kubebuilder:validation:Optional PagerdutyIntegration []PagerdutyIntegrationParameters `json:"pagerdutyIntegration,omitempty" tf:"pagerduty_integration,omitempty"` + // (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) // The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. // +kubebuilder:validation:Optional WebhooksIntegration []WebhooksIntegrationParameters `json:"webhooksIntegration,omitempty" tf:"webhooks_integration,omitempty"` } +type WebhooksIntegrationInitParameters struct { + + // (String) The ID of this resource. + // +crossplane:generate:reference:type=PolicyWebhooks + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Reference to a PolicyWebhooks to populate id. + // +kubebuilder:validation:Optional + IDRef *v1.Reference `json:"idRef,omitempty" tf:"-"` + + // Selector for a PolicyWebhooks to populate id. + // +kubebuilder:validation:Optional + IDSelector *v1.Selector `json:"idSelector,omitempty" tf:"-"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type WebhooksIntegrationObservation struct { + + // (String) The ID of this resource. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The name of the notification policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type WebhooksIntegrationParameters struct { + // (String) The ID of this resource. // +crossplane:generate:reference:type=PolicyWebhooks // +kubebuilder:validation:Optional ID *string `json:"id,omitempty" tf:"id,omitempty"` @@ -190,6 +566,7 @@ type WebhooksIntegrationParameters struct { // +kubebuilder:validation:Optional IDSelector *v1.Selector `json:"idSelector,omitempty" tf:"-"` + // (String) The name of the notification policy. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` } @@ -198,6 +575,17 @@ type WebhooksIntegrationParameters struct { type PolicySpec struct { v1.ResourceSpec `json:",inline"` ForProvider PolicyParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PolicyInitParameters `json:"initProvider,omitempty"` } // PolicyStatus defines the observed state of Policy. @@ -207,19 +595,23 @@ type PolicyStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Policy is the Schema for the Policys API. +// Policy is the Schema for the Policys API. Provides a resource, that manages a notification policy for Cloudflare's products. The delivery mechanisms supported are email, webhooks, and PagerDuty. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Policy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PolicySpec `json:"spec"` - Status PolicyStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.alertType) || (has(self.initProvider) && has(self.initProvider.alertType))",message="spec.forProvider.alertType is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec PolicySpec `json:"spec"` + Status PolicyStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/notification/v1alpha1/zz_generated_terraformed.go b/apis/notification/v1alpha1/zz_policywebhooks_terraformed.go similarity index 55% rename from apis/notification/v1alpha1/zz_generated_terraformed.go rename to apis/notification/v1alpha1/zz_policywebhooks_terraformed.go index 420ded3..ddfa4d6 100755 --- a/apis/notification/v1alpha1/zz_generated_terraformed.go +++ b/apis/notification/v1alpha1/zz_policywebhooks_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,24 +11,25 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) -// GetTerraformResourceType returns Terraform resource type for this Policy -func (mg *Policy) GetTerraformResourceType() string { - return "cloudflare_notification_policy" +// GetTerraformResourceType returns Terraform resource type for this PolicyWebhooks +func (mg *PolicyWebhooks) GetTerraformResourceType() string { + return "cloudflare_notification_policy_webhooks" } -// GetConnectionDetailsMapping for this Policy -func (tr *Policy) GetConnectionDetailsMapping() map[string]string { +// GetConnectionDetailsMapping for this PolicyWebhooks +func (tr *PolicyWebhooks) GetConnectionDetailsMapping() map[string]string { return nil } -// GetObservation of this Policy -func (tr *Policy) GetObservation() (map[string]any, error) { +// GetObservation of this PolicyWebhooks +func (tr *PolicyWebhooks) GetObservation() (map[string]any, error) { o, err := json.TFParser.Marshal(tr.Status.AtProvider) if err != nil { return nil, err @@ -33,8 +38,8 @@ func (tr *Policy) GetObservation() (map[string]any, error) { return base, json.TFParser.Unmarshal(o, &base) } -// SetObservation for this Policy -func (tr *Policy) SetObservation(obs map[string]any) error { +// SetObservation for this PolicyWebhooks +func (tr *PolicyWebhooks) SetObservation(obs map[string]any) error { p, err := json.TFParser.Marshal(obs) if err != nil { return err @@ -42,16 +47,16 @@ func (tr *Policy) SetObservation(obs map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) } -// GetID returns ID of underlying Terraform resource of this Policy -func (tr *Policy) GetID() string { +// GetID returns ID of underlying Terraform resource of this PolicyWebhooks +func (tr *PolicyWebhooks) GetID() string { if tr.Status.AtProvider.ID == nil { return "" } return *tr.Status.AtProvider.ID } -// GetParameters of this Policy -func (tr *Policy) GetParameters() (map[string]any, error) { +// GetParameters of this PolicyWebhooks +func (tr *PolicyWebhooks) GetParameters() (map[string]any, error) { p, err := json.TFParser.Marshal(tr.Spec.ForProvider) if err != nil { return nil, err @@ -60,8 +65,8 @@ func (tr *Policy) GetParameters() (map[string]any, error) { return base, json.TFParser.Unmarshal(p, &base) } -// SetParameters for this Policy -func (tr *Policy) SetParameters(params map[string]any) error { +// SetParameters for this PolicyWebhooks +func (tr *PolicyWebhooks) SetParameters(params map[string]any) error { p, err := json.TFParser.Marshal(params) if err != nil { return err @@ -69,78 +74,44 @@ func (tr *Policy) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this Policy using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Policy) LateInitialize(attrs []byte) (bool, error) { - params := &PolicyParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Policy) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this PolicyWebhooks -func (mg *PolicyWebhooks) GetTerraformResourceType() string { - return "cloudflare_notification_policy_webhooks" -} - -// GetConnectionDetailsMapping for this PolicyWebhooks -func (tr *PolicyWebhooks) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this PolicyWebhooks -func (tr *PolicyWebhooks) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this PolicyWebhooks +func (tr *PolicyWebhooks) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this PolicyWebhooks -func (tr *PolicyWebhooks) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this PolicyWebhooks +func (tr *PolicyWebhooks) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this PolicyWebhooks -func (tr *PolicyWebhooks) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this PolicyWebhooks -func (tr *PolicyWebhooks) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this PolicyWebhooks -func (tr *PolicyWebhooks) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } // LateInitialize this PolicyWebhooks using its observed tfState. diff --git a/apis/notification/v1alpha1/zz_policywebhooks_types.go b/apis/notification/v1alpha1/zz_policywebhooks_types.go index 26b38a2..87dbb67 100755 --- a/apis/notification/v1alpha1/zz_policywebhooks_types.go +++ b/apis/notification/v1alpha1/zz_policywebhooks_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,7 +17,39 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PolicyWebhooksInitParameters struct { + + // The ID of the account for which the webhook destination has to be connected. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The name of the webhook destination. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + // Secrets are not returned in any API response body. + // Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. + Secret *string `json:"secret,omitempty" tf:"secret,omitempty"` + + // The URL of the webhook destinations. + URL *string `json:"url,omitempty" tf:"url,omitempty"` +} + type PolicyWebhooksObservation struct { + + // The ID of the account for which the webhook destination has to be connected. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + CreatedAt *string `json:"createdAt,omitempty" tf:"created_at,omitempty"` ID *string `json:"id,omitempty" tf:"id,omitempty"` @@ -22,11 +58,23 @@ type PolicyWebhooksObservation struct { LastSuccess *string `json:"lastSuccess,omitempty" tf:"last_success,omitempty"` + // The name of the webhook destination. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + // Secrets are not returned in any API response body. + // Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. + Secret *string `json:"secret,omitempty" tf:"secret,omitempty"` + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // The URL of the webhook destinations. + URL *string `json:"url,omitempty" tf:"url,omitempty"` } type PolicyWebhooksParameters struct { + // The ID of the account for which the webhook destination has to be connected. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -40,12 +88,17 @@ type PolicyWebhooksParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // The name of the webhook destination. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + // Secrets are not returned in any API response body. + // Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. // +kubebuilder:validation:Optional Secret *string `json:"secret,omitempty" tf:"secret,omitempty"` + // The URL of the webhook destinations. // +kubebuilder:validation:Optional URL *string `json:"url,omitempty" tf:"url,omitempty"` } @@ -54,6 +107,17 @@ type PolicyWebhooksParameters struct { type PolicyWebhooksSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PolicyWebhooksParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PolicyWebhooksInitParameters `json:"initProvider,omitempty"` } // PolicyWebhooksStatus defines the observed state of PolicyWebhooks. @@ -63,19 +127,21 @@ type PolicyWebhooksStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// PolicyWebhooks is the Schema for the PolicyWebhookss API. +// PolicyWebhooks is the Schema for the PolicyWebhookss API. Provides a resource to create and manage webhooks destinations for Cloudflare's notification policies. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type PolicyWebhooks struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PolicyWebhooksSpec `json:"spec"` - Status PolicyWebhooksStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec PolicyWebhooksSpec `json:"spec"` + Status PolicyWebhooksStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/originca/v1alpha1/zz_generated_terraformed.go b/apis/originca/v1alpha1/zz_certificate_terraformed.go similarity index 60% rename from apis/originca/v1alpha1/zz_generated_terraformed.go rename to apis/originca/v1alpha1/zz_certificate_terraformed.go index 2f4bc6a..5ad20e6 100755 --- a/apis/originca/v1alpha1/zz_generated_terraformed.go +++ b/apis/originca/v1alpha1/zz_certificate_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Certificate @@ -69,6 +74,46 @@ func (tr *Certificate) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Certificate +func (tr *Certificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Certificate +func (tr *Certificate) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Certificate using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/originca/v1alpha1/zz_certificate_types.go b/apis/originca/v1alpha1/zz_certificate_types.go index a6f3406..b36e3d2 100755 --- a/apis/originca/v1alpha1/zz_certificate_types.go +++ b/apis/originca/v1alpha1/zz_certificate_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,34 +17,83 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CertificateInitParameters struct { + + // encoded. Modifying this attribute will force creation of a new resource. + // The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** + Csr *string `json:"csr,omitempty" tf:"csr,omitempty"` + + // (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + // A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** + // +listType=set + Hostnames []*string `json:"hostnames,omitempty" tf:"hostnames,omitempty"` + + MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + + // rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. + // The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** + RequestType *string `json:"requestType,omitempty" tf:"request_type,omitempty"` + + // (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. + // The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** + RequestedValidity *float64 `json:"requestedValidity,omitempty" tf:"requested_validity,omitempty"` +} + type CertificateObservation struct { + // (String) The Origin CA certificate. // The Origin CA certificate. Certificate *string `json:"certificate,omitempty" tf:"certificate,omitempty"` + // encoded. Modifying this attribute will force creation of a new resource. + // The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** + Csr *string `json:"csr,omitempty" tf:"csr,omitempty"` + + // (String) The datetime when the certificate will expire. // The datetime when the certificate will expire. ExpiresOn *string `json:"expiresOn,omitempty" tf:"expires_on,omitempty"` + // (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + // A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** + // +listType=set + Hostnames []*string `json:"hostnames,omitempty" tf:"hostnames,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + + // rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. + // The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** + RequestType *string `json:"requestType,omitempty" tf:"request_type,omitempty"` + + // (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. + // The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** + RequestedValidity *float64 `json:"requestedValidity,omitempty" tf:"requested_validity,omitempty"` } type CertificateParameters struct { + // encoded. Modifying this attribute will force creation of a new resource. // The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional Csr *string `json:"csr,omitempty" tf:"csr,omitempty"` + // (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. // A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Hostnames []*string `json:"hostnames" tf:"hostnames,omitempty"` + // +kubebuilder:validation:Optional + // +listType=set + Hostnames []*string `json:"hostnames,omitempty" tf:"hostnames,omitempty"` // +kubebuilder:validation:Optional MinDaysForRenewal *float64 `json:"minDaysForRenewal,omitempty" tf:"min_days_for_renewal,omitempty"` + // rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. // The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - RequestType *string `json:"requestType" tf:"request_type,omitempty"` + // +kubebuilder:validation:Optional + RequestType *string `json:"requestType,omitempty" tf:"request_type,omitempty"` + // (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. // The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** // +kubebuilder:validation:Optional RequestedValidity *float64 `json:"requestedValidity,omitempty" tf:"requested_validity,omitempty"` @@ -50,6 +103,17 @@ type CertificateParameters struct { type CertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CertificateParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CertificateInitParameters `json:"initProvider,omitempty"` } // CertificateStatus defines the observed state of Certificate. @@ -59,19 +123,22 @@ type CertificateStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Certificate is the Schema for the Certificates API. +// Certificate is the Schema for the Certificates API. Provides a Cloudflare Origin CA certificate used to protect traffic to your origin without involving a third party Certificate Authority. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Certificate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec CertificateSpec `json:"spec"` - Status CertificateStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.hostnames) || (has(self.initProvider) && has(self.initProvider.hostnames))",message="spec.forProvider.hostnames is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.requestType) || (has(self.initProvider) && has(self.initProvider.requestType))",message="spec.forProvider.requestType is a required parameter" + Spec CertificateSpec `json:"spec"` + Status CertificateStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/originca/v1alpha1/zz_generated.conversion_hubs.go b/apis/originca/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..8a51bf1 --- /dev/null +++ b/apis/originca/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Certificate) Hub() {} diff --git a/apis/originca/v1alpha1/zz_generated.deepcopy.go b/apis/originca/v1alpha1/zz_generated.deepcopy.go index c0dc932..d9950cd 100644 --- a/apis/originca/v1alpha1/zz_generated.deepcopy.go +++ b/apis/originca/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -40,6 +39,52 @@ func (in *Certificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateInitParameters) DeepCopyInto(out *CertificateInitParameters) { + *out = *in + if in.Csr != nil { + in, out := &in.Csr, &out.Csr + *out = new(string) + **out = **in + } + if in.Hostnames != nil { + in, out := &in.Hostnames, &out.Hostnames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.MinDaysForRenewal != nil { + in, out := &in.MinDaysForRenewal, &out.MinDaysForRenewal + *out = new(float64) + **out = **in + } + if in.RequestType != nil { + in, out := &in.RequestType, &out.RequestType + *out = new(string) + **out = **in + } + if in.RequestedValidity != nil { + in, out := &in.RequestedValidity, &out.RequestedValidity + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateInitParameters. +func (in *CertificateInitParameters) DeepCopy() *CertificateInitParameters { + if in == nil { + return nil + } + out := new(CertificateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateList) DeepCopyInto(out *CertificateList) { *out = *in @@ -80,16 +125,47 @@ func (in *CertificateObservation) DeepCopyInto(out *CertificateObservation) { *out = new(string) **out = **in } + if in.Csr != nil { + in, out := &in.Csr, &out.Csr + *out = new(string) + **out = **in + } if in.ExpiresOn != nil { in, out := &in.ExpiresOn, &out.ExpiresOn *out = new(string) **out = **in } + if in.Hostnames != nil { + in, out := &in.Hostnames, &out.Hostnames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.MinDaysForRenewal != nil { + in, out := &in.MinDaysForRenewal, &out.MinDaysForRenewal + *out = new(float64) + **out = **in + } + if in.RequestType != nil { + in, out := &in.RequestType, &out.RequestType + *out = new(string) + **out = **in + } + if in.RequestedValidity != nil { + in, out := &in.RequestedValidity, &out.RequestedValidity + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateObservation. @@ -153,6 +229,7 @@ func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. diff --git a/apis/originca/v1alpha1/zz_generated.managed.go b/apis/originca/v1alpha1/zz_generated.managed.go index a805f31..a257c5a 100644 --- a/apis/originca/v1alpha1/zz_generated.managed.go +++ b/apis/originca/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Certificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Certificate. +func (mg *Certificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Certificate. func (mg *Certificate) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Certificate. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Certificate) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Certificate. func (mg *Certificate) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Certificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Certificate. +func (mg *Certificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Certificate. func (mg *Certificate) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Certificate. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Certificate) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Certificate. func (mg *Certificate) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/originca/v1alpha1/zz_groupversion_info.go b/apis/originca/v1alpha1/zz_groupversion_info.go index 53565b9..c902377 100755 --- a/apis/originca/v1alpha1/zz_groupversion_info.go +++ b/apis/originca/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/page/v1alpha1/zz_generated.conversion_hubs.go b/apis/page/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..837d20a --- /dev/null +++ b/apis/page/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} diff --git a/apis/page/v1alpha1/zz_generated.deepcopy.go b/apis/page/v1alpha1/zz_generated.deepcopy.go index 58cfac6..e23ae56 100644 --- a/apis/page/v1alpha1/zz_generated.deepcopy.go +++ b/apis/page/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -15,22 +14,7 @@ import ( ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActionsObservation) DeepCopyInto(out *ActionsObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionsObservation. -func (in *ActionsObservation) DeepCopy() *ActionsObservation { - if in == nil { - return nil - } - out := new(ActionsObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { +func (in *ActionsInitParameters) DeepCopyInto(out *ActionsInitParameters) { *out = *in if in.AlwaysUseHTTPS != nil { in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS @@ -69,7 +53,7 @@ func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { } if in.CacheKeyFields != nil { in, out := &in.CacheKeyFields, &out.CacheKeyFields - *out = make([]CacheKeyFieldsParameters, len(*in)) + *out = make([]CacheKeyFieldsInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -86,7 +70,7 @@ func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { } if in.CacheTTLByStatus != nil { in, out := &in.CacheTTLByStatus, &out.CacheTTLByStatus - *out = make([]CacheTTLByStatusParameters, len(*in)) + *out = make([]CacheTTLByStatusInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -133,7 +117,7 @@ func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { } if in.ForwardingURL != nil { in, out := &in.ForwardingURL, &out.ForwardingURL - *out = make([]ForwardingURLParameters, len(*in)) + *out = make([]ForwardingURLInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -150,7 +134,7 @@ func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { } if in.Minify != nil { in, out := &in.Minify, &out.Minify - *out = make([]MinifyParameters, len(*in)) + *out = make([]MinifyInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -227,105 +211,641 @@ func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionsParameters. -func (in *ActionsParameters) DeepCopy() *ActionsParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionsInitParameters. +func (in *ActionsInitParameters) DeepCopy() *ActionsInitParameters { if in == nil { return nil } - out := new(ActionsParameters) + out := new(ActionsInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheKeyFieldsObservation) DeepCopyInto(out *CacheKeyFieldsObservation) { +func (in *ActionsObservation) DeepCopyInto(out *ActionsObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyFieldsObservation. -func (in *CacheKeyFieldsObservation) DeepCopy() *CacheKeyFieldsObservation { - if in == nil { - return nil + if in.AlwaysUseHTTPS != nil { + in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + *out = new(bool) + **out = **in } - out := new(CacheKeyFieldsObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheKeyFieldsParameters) DeepCopyInto(out *CacheKeyFieldsParameters) { - *out = *in - if in.Cookie != nil { - in, out := &in.Cookie, &out.Cookie - *out = make([]CookieParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(string) + **out = **in } - if in.Header != nil { - in, out := &in.Header, &out.Header - *out = make([]HeaderParameters, len(*in)) + if in.BrowserCacheTTL != nil { + in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + *out = new(string) + **out = **in + } + if in.BrowserCheck != nil { + in, out := &in.BrowserCheck, &out.BrowserCheck + *out = new(string) + **out = **in + } + if in.BypassCacheOnCookie != nil { + in, out := &in.BypassCacheOnCookie, &out.BypassCacheOnCookie + *out = new(string) + **out = **in + } + if in.CacheByDeviceType != nil { + in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + *out = new(string) + **out = **in + } + if in.CacheDeceptionArmor != nil { + in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + *out = new(string) + **out = **in + } + if in.CacheKeyFields != nil { + in, out := &in.CacheKeyFields, &out.CacheKeyFields + *out = make([]CacheKeyFieldsObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Host != nil { - in, out := &in.Host, &out.Host - *out = make([]HostParameters, len(*in)) + if in.CacheLevel != nil { + in, out := &in.CacheLevel, &out.CacheLevel + *out = new(string) + **out = **in + } + if in.CacheOnCookie != nil { + in, out := &in.CacheOnCookie, &out.CacheOnCookie + *out = new(string) + **out = **in + } + if in.CacheTTLByStatus != nil { + in, out := &in.CacheTTLByStatus, &out.CacheTTLByStatus + *out = make([]CacheTTLByStatusObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.QueryString != nil { - in, out := &in.QueryString, &out.QueryString - *out = make([]QueryStringParameters, len(*in)) + if in.DisableApps != nil { + in, out := &in.DisableApps, &out.DisableApps + *out = new(bool) + **out = **in + } + if in.DisablePerformance != nil { + in, out := &in.DisablePerformance, &out.DisablePerformance + *out = new(bool) + **out = **in + } + if in.DisableRailgun != nil { + in, out := &in.DisableRailgun, &out.DisableRailgun + *out = new(bool) + **out = **in + } + if in.DisableSecurity != nil { + in, out := &in.DisableSecurity, &out.DisableSecurity + *out = new(bool) + **out = **in + } + if in.DisableZaraz != nil { + in, out := &in.DisableZaraz, &out.DisableZaraz + *out = new(bool) + **out = **in + } + if in.EdgeCacheTTL != nil { + in, out := &in.EdgeCacheTTL, &out.EdgeCacheTTL + *out = new(float64) + **out = **in + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(string) + **out = **in + } + if in.ExplicitCacheControl != nil { + in, out := &in.ExplicitCacheControl, &out.ExplicitCacheControl + *out = new(string) + **out = **in + } + if in.ForwardingURL != nil { + in, out := &in.ForwardingURL, &out.ForwardingURL + *out = make([]ForwardingURLObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.User != nil { - in, out := &in.User, &out.User - *out = make([]UserParameters, len(*in)) + if in.HostHeaderOverride != nil { + in, out := &in.HostHeaderOverride, &out.HostHeaderOverride + *out = new(string) + **out = **in + } + if in.IPGeolocation != nil { + in, out := &in.IPGeolocation, &out.IPGeolocation + *out = new(string) + **out = **in + } + if in.Minify != nil { + in, out := &in.Minify, &out.Minify + *out = make([]MinifyObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyFieldsParameters. -func (in *CacheKeyFieldsParameters) DeepCopy() *CacheKeyFieldsParameters { - if in == nil { - return nil + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(string) + **out = **in + } + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(string) + **out = **in + } + if in.OriginErrorPagePassThru != nil { + in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru + *out = new(string) + **out = **in + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.ResolveOverride != nil { + in, out := &in.ResolveOverride, &out.ResolveOverride + *out = new(string) + **out = **in + } + if in.RespectStrongEtag != nil { + in, out := &in.RespectStrongEtag, &out.RespectStrongEtag + *out = new(string) + **out = **in + } + if in.ResponseBuffering != nil { + in, out := &in.ResponseBuffering, &out.ResponseBuffering + *out = new(string) + **out = **in + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(string) + **out = **in + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServerSideExclude != nil { + in, out := &in.ServerSideExclude, &out.ServerSideExclude + *out = new(string) + **out = **in + } + if in.SortQueryStringForCache != nil { + in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache + *out = new(string) + **out = **in + } + if in.TrueClientIPHeader != nil { + in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader + *out = new(string) + **out = **in + } + if in.Waf != nil { + in, out := &in.Waf, &out.Waf + *out = new(string) + **out = **in } - out := new(CacheKeyFieldsParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheTTLByStatusObservation) DeepCopyInto(out *CacheTTLByStatusObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheTTLByStatusObservation. -func (in *CacheTTLByStatusObservation) DeepCopy() *CacheTTLByStatusObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionsObservation. +func (in *ActionsObservation) DeepCopy() *ActionsObservation { if in == nil { return nil } - out := new(CacheTTLByStatusObservation) + out := new(ActionsObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheTTLByStatusParameters) DeepCopyInto(out *CacheTTLByStatusParameters) { +func (in *ActionsParameters) DeepCopyInto(out *ActionsParameters) { *out = *in - if in.Codes != nil { - in, out := &in.Codes, &out.Codes - *out = new(string) + if in.AlwaysUseHTTPS != nil { + in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + *out = new(bool) **out = **in } - if in.TTL != nil { + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(string) + **out = **in + } + if in.BrowserCacheTTL != nil { + in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + *out = new(string) + **out = **in + } + if in.BrowserCheck != nil { + in, out := &in.BrowserCheck, &out.BrowserCheck + *out = new(string) + **out = **in + } + if in.BypassCacheOnCookie != nil { + in, out := &in.BypassCacheOnCookie, &out.BypassCacheOnCookie + *out = new(string) + **out = **in + } + if in.CacheByDeviceType != nil { + in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + *out = new(string) + **out = **in + } + if in.CacheDeceptionArmor != nil { + in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + *out = new(string) + **out = **in + } + if in.CacheKeyFields != nil { + in, out := &in.CacheKeyFields, &out.CacheKeyFields + *out = make([]CacheKeyFieldsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CacheLevel != nil { + in, out := &in.CacheLevel, &out.CacheLevel + *out = new(string) + **out = **in + } + if in.CacheOnCookie != nil { + in, out := &in.CacheOnCookie, &out.CacheOnCookie + *out = new(string) + **out = **in + } + if in.CacheTTLByStatus != nil { + in, out := &in.CacheTTLByStatus, &out.CacheTTLByStatus + *out = make([]CacheTTLByStatusParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DisableApps != nil { + in, out := &in.DisableApps, &out.DisableApps + *out = new(bool) + **out = **in + } + if in.DisablePerformance != nil { + in, out := &in.DisablePerformance, &out.DisablePerformance + *out = new(bool) + **out = **in + } + if in.DisableRailgun != nil { + in, out := &in.DisableRailgun, &out.DisableRailgun + *out = new(bool) + **out = **in + } + if in.DisableSecurity != nil { + in, out := &in.DisableSecurity, &out.DisableSecurity + *out = new(bool) + **out = **in + } + if in.DisableZaraz != nil { + in, out := &in.DisableZaraz, &out.DisableZaraz + *out = new(bool) + **out = **in + } + if in.EdgeCacheTTL != nil { + in, out := &in.EdgeCacheTTL, &out.EdgeCacheTTL + *out = new(float64) + **out = **in + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(string) + **out = **in + } + if in.ExplicitCacheControl != nil { + in, out := &in.ExplicitCacheControl, &out.ExplicitCacheControl + *out = new(string) + **out = **in + } + if in.ForwardingURL != nil { + in, out := &in.ForwardingURL, &out.ForwardingURL + *out = make([]ForwardingURLParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.HostHeaderOverride != nil { + in, out := &in.HostHeaderOverride, &out.HostHeaderOverride + *out = new(string) + **out = **in + } + if in.IPGeolocation != nil { + in, out := &in.IPGeolocation, &out.IPGeolocation + *out = new(string) + **out = **in + } + if in.Minify != nil { + in, out := &in.Minify, &out.Minify + *out = make([]MinifyParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(string) + **out = **in + } + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(string) + **out = **in + } + if in.OriginErrorPagePassThru != nil { + in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru + *out = new(string) + **out = **in + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.ResolveOverride != nil { + in, out := &in.ResolveOverride, &out.ResolveOverride + *out = new(string) + **out = **in + } + if in.RespectStrongEtag != nil { + in, out := &in.RespectStrongEtag, &out.RespectStrongEtag + *out = new(string) + **out = **in + } + if in.ResponseBuffering != nil { + in, out := &in.ResponseBuffering, &out.ResponseBuffering + *out = new(string) + **out = **in + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(string) + **out = **in + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServerSideExclude != nil { + in, out := &in.ServerSideExclude, &out.ServerSideExclude + *out = new(string) + **out = **in + } + if in.SortQueryStringForCache != nil { + in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache + *out = new(string) + **out = **in + } + if in.TrueClientIPHeader != nil { + in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader + *out = new(string) + **out = **in + } + if in.Waf != nil { + in, out := &in.Waf, &out.Waf + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionsParameters. +func (in *ActionsParameters) DeepCopy() *ActionsParameters { + if in == nil { + return nil + } + out := new(ActionsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyFieldsInitParameters) DeepCopyInto(out *CacheKeyFieldsInitParameters) { + *out = *in + if in.Cookie != nil { + in, out := &in.Cookie, &out.Cookie + *out = make([]CookieInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = make([]HostInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryString != nil { + in, out := &in.QueryString, &out.QueryString + *out = make([]QueryStringInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.User != nil { + in, out := &in.User, &out.User + *out = make([]UserInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyFieldsInitParameters. +func (in *CacheKeyFieldsInitParameters) DeepCopy() *CacheKeyFieldsInitParameters { + if in == nil { + return nil + } + out := new(CacheKeyFieldsInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyFieldsObservation) DeepCopyInto(out *CacheKeyFieldsObservation) { + *out = *in + if in.Cookie != nil { + in, out := &in.Cookie, &out.Cookie + *out = make([]CookieObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = make([]HostObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryString != nil { + in, out := &in.QueryString, &out.QueryString + *out = make([]QueryStringObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.User != nil { + in, out := &in.User, &out.User + *out = make([]UserObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyFieldsObservation. +func (in *CacheKeyFieldsObservation) DeepCopy() *CacheKeyFieldsObservation { + if in == nil { + return nil + } + out := new(CacheKeyFieldsObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyFieldsParameters) DeepCopyInto(out *CacheKeyFieldsParameters) { + *out = *in + if in.Cookie != nil { + in, out := &in.Cookie, &out.Cookie + *out = make([]CookieParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = make([]HostParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryString != nil { + in, out := &in.QueryString, &out.QueryString + *out = make([]QueryStringParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.User != nil { + in, out := &in.User, &out.User + *out = make([]UserParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyFieldsParameters. +func (in *CacheKeyFieldsParameters) DeepCopy() *CacheKeyFieldsParameters { + if in == nil { + return nil + } + out := new(CacheKeyFieldsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheTTLByStatusInitParameters) DeepCopyInto(out *CacheTTLByStatusInitParameters) { + *out = *in + if in.Codes != nil { + in, out := &in.Codes, &out.Codes + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheTTLByStatusInitParameters. +func (in *CacheTTLByStatusInitParameters) DeepCopy() *CacheTTLByStatusInitParameters { + if in == nil { + return nil + } + out := new(CacheTTLByStatusInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheTTLByStatusObservation) DeepCopyInto(out *CacheTTLByStatusObservation) { + *out = *in + if in.Codes != nil { + in, out := &in.Codes, &out.Codes + *out = new(string) + **out = **in + } + if in.TTL != nil { + in, out := &in.TTL, &out.TTL + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheTTLByStatusObservation. +func (in *CacheTTLByStatusObservation) DeepCopy() *CacheTTLByStatusObservation { + if in == nil { + return nil + } + out := new(CacheTTLByStatusObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheTTLByStatusParameters) DeepCopyInto(out *CacheTTLByStatusParameters) { + *out = *in + if in.Codes != nil { + in, out := &in.Codes, &out.Codes + *out = new(string) + **out = **in + } + if in.TTL != nil { in, out := &in.TTL, &out.TTL *out = new(float64) **out = **in @@ -342,9 +862,68 @@ func (in *CacheTTLByStatusParameters) DeepCopy() *CacheTTLByStatusParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CookieInitParameters) DeepCopyInto(out *CookieInitParameters) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieInitParameters. +func (in *CookieInitParameters) DeepCopy() *CookieInitParameters { + if in == nil { + return nil + } + out := new(CookieInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CookieObservation) DeepCopyInto(out *CookieObservation) { *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieObservation. @@ -394,9 +973,44 @@ func (in *CookieParameters) DeepCopy() *CookieParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ForwardingURLInitParameters) DeepCopyInto(out *ForwardingURLInitParameters) { + *out = *in + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingURLInitParameters. +func (in *ForwardingURLInitParameters) DeepCopy() *ForwardingURLInitParameters { + if in == nil { + return nil + } + out := new(ForwardingURLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ForwardingURLObservation) DeepCopyInto(out *ForwardingURLObservation) { *out = *in + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingURLObservation. @@ -429,14 +1043,95 @@ func (in *ForwardingURLParameters) DeepCopy() *ForwardingURLParameters { if in == nil { return nil } - out := new(ForwardingURLParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { - *out = *in + out := new(ForwardingURLParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderInitParameters) DeepCopyInto(out *HeaderInitParameters) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderInitParameters. +func (in *HeaderInitParameters) DeepCopy() *HeaderInitParameters { + if in == nil { + return nil + } + out := new(HeaderInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderObservation. @@ -497,9 +1192,34 @@ func (in *HeaderParameters) DeepCopy() *HeaderParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HostInitParameters) DeepCopyInto(out *HostInitParameters) { + *out = *in + if in.Resolved != nil { + in, out := &in.Resolved, &out.Resolved + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostInitParameters. +func (in *HostInitParameters) DeepCopy() *HostInitParameters { + if in == nil { + return nil + } + out := new(HostInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HostObservation) DeepCopyInto(out *HostObservation) { *out = *in + if in.Resolved != nil { + in, out := &in.Resolved, &out.Resolved + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostObservation. @@ -532,9 +1252,54 @@ func (in *HostParameters) DeepCopy() *HostParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MinifyInitParameters) DeepCopyInto(out *MinifyInitParameters) { + *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(string) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyInitParameters. +func (in *MinifyInitParameters) DeepCopy() *MinifyInitParameters { + if in == nil { + return nil + } + out := new(MinifyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MinifyObservation) DeepCopyInto(out *MinifyObservation) { *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(string) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyObservation. @@ -577,9 +1342,78 @@ func (in *MinifyParameters) DeepCopy() *MinifyParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueryStringInitParameters) DeepCopyInto(out *QueryStringInitParameters) { + *out = *in + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Ignore != nil { + in, out := &in.Ignore, &out.Ignore + *out = new(bool) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringInitParameters. +func (in *QueryStringInitParameters) DeepCopy() *QueryStringInitParameters { + if in == nil { + return nil + } + out := new(QueryStringInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *QueryStringObservation) DeepCopyInto(out *QueryStringObservation) { *out = *in + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Ignore != nil { + in, out := &in.Ignore, &out.Ignore + *out = new(bool) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringObservation. @@ -661,6 +1495,58 @@ func (in *Rule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.Actions != nil { + in, out := &in.Actions, &out.Actions + *out = make([]ActionsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -696,11 +1582,38 @@ func (in *RuleList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = *in + if in.Actions != nil { + in, out := &in.Actions, &out.Actions + *out = make([]ActionsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleObservation. @@ -770,6 +1683,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. @@ -799,9 +1713,54 @@ func (in *RuleStatus) DeepCopy() *RuleStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInitParameters) DeepCopyInto(out *UserInitParameters) { + *out = *in + if in.DeviceType != nil { + in, out := &in.DeviceType, &out.DeviceType + *out = new(bool) + **out = **in + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = new(bool) + **out = **in + } + if in.Lang != nil { + in, out := &in.Lang, &out.Lang + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInitParameters. +func (in *UserInitParameters) DeepCopy() *UserInitParameters { + if in == nil { + return nil + } + out := new(UserInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserObservation) DeepCopyInto(out *UserObservation) { *out = *in + if in.DeviceType != nil { + in, out := &in.DeviceType, &out.DeviceType + *out = new(bool) + **out = **in + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = new(bool) + **out = **in + } + if in.Lang != nil { + in, out := &in.Lang, &out.Lang + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserObservation. diff --git a/apis/page/v1alpha1/zz_generated.managed.go b/apis/page/v1alpha1/zz_generated.managed.go index f1963bb..140b6ca 100644 --- a/apis/page/v1alpha1/zz_generated.managed.go +++ b/apis/page/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/page/v1alpha1/zz_generated.resolvers.go b/apis/page/v1alpha1/zz_generated.resolvers.go index 60dbcde..092d815 100644 --- a/apis/page/v1alpha1/zz_generated.resolvers.go +++ b/apis/page/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/page/v1alpha1/zz_groupversion_info.go b/apis/page/v1alpha1/zz_groupversion_info.go index 30c967b..c23b930 100755 --- a/apis/page/v1alpha1/zz_groupversion_info.go +++ b/apis/page/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/page/v1alpha1/zz_generated_terraformed.go b/apis/page/v1alpha1/zz_rule_terraformed.go similarity index 60% rename from apis/page/v1alpha1/zz_generated_terraformed.go rename to apis/page/v1alpha1/zz_rule_terraformed.go index 3278b7f..596767f 100755 --- a/apis/page/v1alpha1/zz_generated_terraformed.go +++ b/apis/page/v1alpha1/zz_rule_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Rule @@ -69,6 +74,46 @@ func (tr *Rule) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Rule using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/page/v1alpha1/zz_rule_types.go b/apis/page/v1alpha1/zz_rule_types.go index e0fae42..4f46191 100755 --- a/apis/page/v1alpha1/zz_rule_types.go +++ b/apis/page/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,261 +17,784 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ActionsInitParameters struct { + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + AlwaysUseHTTPS *bool `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + + // Whether this action is "on" or "off". + AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // The Time To Live for the browser cache. 0 means 'Respect Existing Headers' + BrowserCacheTTL *string `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + + // Whether this action is "on" or "off". + BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + + // String value of cookie name to conditionally bypass cache the page. + BypassCacheOnCookie *string `json:"bypassCacheOnCookie,omitempty" tf:"bypass_cache_on_cookie,omitempty"` + + // Whether this action is "on" or "off". + CacheByDeviceType *string `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + + // Whether this action is "on" or "off". + CacheDeceptionArmor *string `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + + // Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description. + CacheKeyFields []CacheKeyFieldsInitParameters `json:"cacheKeyFields,omitempty" tf:"cache_key_fields,omitempty"` + + // Whether to set the cache level to "bypass", "basic", "simplified", "aggressive", or "cache_everything". + CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + + // String value of cookie name to conditionally cache the page. + CacheOnCookie *string `json:"cacheOnCookie,omitempty" tf:"cache_on_cookie,omitempty"` + + // Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description. + CacheTTLByStatus []CacheTTLByStatusInitParameters `json:"cacheTtlByStatus,omitempty" tf:"cache_ttl_by_status,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisablePerformance *bool `json:"disablePerformance,omitempty" tf:"disable_performance,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableSecurity *bool `json:"disableSecurity,omitempty" tf:"disable_security,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + + // The Time To Live for the edge cache. + EdgeCacheTTL *float64 `json:"edgeCacheTtl,omitempty" tf:"edge_cache_ttl,omitempty"` + + // Whether this action is "on" or "off". + EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // Whether origin Cache-Control action is "on" or "off". + ExplicitCacheControl *string `json:"explicitCacheControl,omitempty" tf:"explicit_cache_control,omitempty"` + + // The URL to forward to, and with what status. See below. + ForwardingURL []ForwardingURLInitParameters `json:"forwardingUrl,omitempty" tf:"forwarding_url,omitempty"` + + // Value of the Host header to send. + HostHeaderOverride *string `json:"hostHeaderOverride,omitempty" tf:"host_header_override,omitempty"` + + // Whether this action is "on" or "off". + IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + + // The configuration for HTML, CSS and JS minification. See below for full list of options. + Minify []MinifyInitParameters `json:"minify,omitempty" tf:"minify,omitempty"` + + // Whether this action is "on" or "off". + Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` + + // Whether this action is "on" or "off". + OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // Whether this action is "on" or "off". + OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + + // Whether this action is "off", "lossless" or "lossy". + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // Overridden origin server name. + ResolveOverride *string `json:"resolveOverride,omitempty" tf:"resolve_override,omitempty"` + + // Whether this action is "on" or "off". + RespectStrongEtag *string `json:"respectStrongEtag,omitempty" tf:"respect_strong_etag,omitempty"` + + // Whether this action is "on" or "off". + ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + + // Whether to set the rocket loader to "on", "off". + RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // Whether to set the SSL mode to "off", "flexible", "full", "strict", or "origin_pull". + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + // Whether to set the security level to "off", "essentially_off", "low", "medium", "high", or "under_attack". + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // Whether this action is "on" or "off". + ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + + // Whether this action is "on" or "off". + SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` + + // Whether this action is "on" or "off". + TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + + // Whether this action is "on" or "off". + Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` +} + type ActionsObservation struct { + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + AlwaysUseHTTPS *bool `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + + // Whether this action is "on" or "off". + AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // The Time To Live for the browser cache. 0 means 'Respect Existing Headers' + BrowserCacheTTL *string `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + + // Whether this action is "on" or "off". + BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + + // String value of cookie name to conditionally bypass cache the page. + BypassCacheOnCookie *string `json:"bypassCacheOnCookie,omitempty" tf:"bypass_cache_on_cookie,omitempty"` + + // Whether this action is "on" or "off". + CacheByDeviceType *string `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + + // Whether this action is "on" or "off". + CacheDeceptionArmor *string `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + + // Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description. + CacheKeyFields []CacheKeyFieldsObservation `json:"cacheKeyFields,omitempty" tf:"cache_key_fields,omitempty"` + + // Whether to set the cache level to "bypass", "basic", "simplified", "aggressive", or "cache_everything". + CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + + // String value of cookie name to conditionally cache the page. + CacheOnCookie *string `json:"cacheOnCookie,omitempty" tf:"cache_on_cookie,omitempty"` + + // Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description. + CacheTTLByStatus []CacheTTLByStatusObservation `json:"cacheTtlByStatus,omitempty" tf:"cache_ttl_by_status,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisablePerformance *bool `json:"disablePerformance,omitempty" tf:"disable_performance,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableSecurity *bool `json:"disableSecurity,omitempty" tf:"disable_security,omitempty"` + + // Boolean of whether this action is enabled. Default: false. + // Defaults to `false`. + DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + + // The Time To Live for the edge cache. + EdgeCacheTTL *float64 `json:"edgeCacheTtl,omitempty" tf:"edge_cache_ttl,omitempty"` + + // Whether this action is "on" or "off". + EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // Whether origin Cache-Control action is "on" or "off". + ExplicitCacheControl *string `json:"explicitCacheControl,omitempty" tf:"explicit_cache_control,omitempty"` + + // The URL to forward to, and with what status. See below. + ForwardingURL []ForwardingURLObservation `json:"forwardingUrl,omitempty" tf:"forwarding_url,omitempty"` + + // Value of the Host header to send. + HostHeaderOverride *string `json:"hostHeaderOverride,omitempty" tf:"host_header_override,omitempty"` + + // Whether this action is "on" or "off". + IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + + // The configuration for HTML, CSS and JS minification. See below for full list of options. + Minify []MinifyObservation `json:"minify,omitempty" tf:"minify,omitempty"` + + // Whether this action is "on" or "off". + Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` + + // Whether this action is "on" or "off". + OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // Whether this action is "on" or "off". + OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + + // Whether this action is "off", "lossless" or "lossy". + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // Overridden origin server name. + ResolveOverride *string `json:"resolveOverride,omitempty" tf:"resolve_override,omitempty"` + + // Whether this action is "on" or "off". + RespectStrongEtag *string `json:"respectStrongEtag,omitempty" tf:"respect_strong_etag,omitempty"` + + // Whether this action is "on" or "off". + ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + + // Whether to set the rocket loader to "on", "off". + RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // Whether to set the SSL mode to "off", "flexible", "full", "strict", or "origin_pull". + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + // Whether to set the security level to "off", "essentially_off", "low", "medium", "high", or "under_attack". + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // Whether this action is "on" or "off". + ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + + // Whether this action is "on" or "off". + SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` + + // Whether this action is "on" or "off". + TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + + // Whether this action is "on" or "off". + Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` } type ActionsParameters struct { + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional AlwaysUseHTTPS *bool `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + // The Time To Live for the browser cache. 0 means 'Respect Existing Headers' // +kubebuilder:validation:Optional BrowserCacheTTL *string `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + // String value of cookie name to conditionally bypass cache the page. // +kubebuilder:validation:Optional BypassCacheOnCookie *string `json:"bypassCacheOnCookie,omitempty" tf:"bypass_cache_on_cookie,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional CacheByDeviceType *string `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional CacheDeceptionArmor *string `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + // Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description. // +kubebuilder:validation:Optional CacheKeyFields []CacheKeyFieldsParameters `json:"cacheKeyFields,omitempty" tf:"cache_key_fields,omitempty"` + // Whether to set the cache level to "bypass", "basic", "simplified", "aggressive", or "cache_everything". // +kubebuilder:validation:Optional CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + // String value of cookie name to conditionally cache the page. // +kubebuilder:validation:Optional CacheOnCookie *string `json:"cacheOnCookie,omitempty" tf:"cache_on_cookie,omitempty"` + // Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description. // +kubebuilder:validation:Optional CacheTTLByStatus []CacheTTLByStatusParameters `json:"cacheTtlByStatus,omitempty" tf:"cache_ttl_by_status,omitempty"` + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional DisablePerformance *bool `json:"disablePerformance,omitempty" tf:"disable_performance,omitempty"` + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional DisableSecurity *bool `json:"disableSecurity,omitempty" tf:"disable_security,omitempty"` + // Boolean of whether this action is enabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + // The Time To Live for the edge cache. // +kubebuilder:validation:Optional EdgeCacheTTL *float64 `json:"edgeCacheTtl,omitempty" tf:"edge_cache_ttl,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + // Whether origin Cache-Control action is "on" or "off". // +kubebuilder:validation:Optional ExplicitCacheControl *string `json:"explicitCacheControl,omitempty" tf:"explicit_cache_control,omitempty"` + // The URL to forward to, and with what status. See below. // +kubebuilder:validation:Optional ForwardingURL []ForwardingURLParameters `json:"forwardingUrl,omitempty" tf:"forwarding_url,omitempty"` + // Value of the Host header to send. // +kubebuilder:validation:Optional HostHeaderOverride *string `json:"hostHeaderOverride,omitempty" tf:"host_header_override,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + // The configuration for HTML, CSS and JS minification. See below for full list of options. // +kubebuilder:validation:Optional Minify []MinifyParameters `json:"minify,omitempty" tf:"minify,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + // Whether this action is "off", "lossless" or "lossy". // +kubebuilder:validation:Optional Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + // Overridden origin server name. // +kubebuilder:validation:Optional ResolveOverride *string `json:"resolveOverride,omitempty" tf:"resolve_override,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional RespectStrongEtag *string `json:"respectStrongEtag,omitempty" tf:"respect_strong_etag,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + // Whether to set the rocket loader to "on", "off". // +kubebuilder:validation:Optional RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + // Whether to set the SSL mode to "off", "flexible", "full", "strict", or "origin_pull". // +kubebuilder:validation:Optional SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + // Whether to set the security level to "off", "essentially_off", "low", "medium", "high", or "under_attack". // +kubebuilder:validation:Optional SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + // Whether this action is "on" or "off". // +kubebuilder:validation:Optional Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` } +type CacheKeyFieldsInitParameters struct { + + // Controls what cookies go into Cache Key: + Cookie []CookieInitParameters `json:"cookie,omitempty" tf:"cookie,omitempty"` + + // Controls what HTTP headers go into Cache Key: + Header []HeaderInitParameters `json:"header,omitempty" tf:"header,omitempty"` + + // Controls which Host header goes into Cache Key: + Host []HostInitParameters `json:"host,omitempty" tf:"host,omitempty"` + + // Controls which URL query string parameters go into the Cache Key. + QueryString []QueryStringInitParameters `json:"queryString,omitempty" tf:"query_string,omitempty"` + + // Controls which end user-related features go into the Cache Key. + User []UserInitParameters `json:"user,omitempty" tf:"user,omitempty"` +} + type CacheKeyFieldsObservation struct { + + // Controls what cookies go into Cache Key: + Cookie []CookieObservation `json:"cookie,omitempty" tf:"cookie,omitempty"` + + // Controls what HTTP headers go into Cache Key: + Header []HeaderObservation `json:"header,omitempty" tf:"header,omitempty"` + + // Controls which Host header goes into Cache Key: + Host []HostObservation `json:"host,omitempty" tf:"host,omitempty"` + + // Controls which URL query string parameters go into the Cache Key. + QueryString []QueryStringObservation `json:"queryString,omitempty" tf:"query_string,omitempty"` + + // Controls which end user-related features go into the Cache Key. + User []UserObservation `json:"user,omitempty" tf:"user,omitempty"` } type CacheKeyFieldsParameters struct { - // +kubebuilder:validation:Required + // Controls what cookies go into Cache Key: + // +kubebuilder:validation:Optional Cookie []CookieParameters `json:"cookie" tf:"cookie,omitempty"` - // +kubebuilder:validation:Required + // Controls what HTTP headers go into Cache Key: + // +kubebuilder:validation:Optional Header []HeaderParameters `json:"header" tf:"header,omitempty"` - // +kubebuilder:validation:Required + // Controls which Host header goes into Cache Key: + // +kubebuilder:validation:Optional Host []HostParameters `json:"host" tf:"host,omitempty"` - // +kubebuilder:validation:Required + // Controls which URL query string parameters go into the Cache Key. + // +kubebuilder:validation:Optional QueryString []QueryStringParameters `json:"queryString" tf:"query_string,omitempty"` - // +kubebuilder:validation:Required + // Controls which end user-related features go into the Cache Key. + // +kubebuilder:validation:Optional User []UserParameters `json:"user" tf:"user,omitempty"` } +type CacheTTLByStatusInitParameters struct { + + // A HTTP code (e.g. 404) or range of codes (e.g. 400-499) + Codes *string `json:"codes,omitempty" tf:"codes,omitempty"` + + // Duration a resource lives in the Cloudflare cache. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` +} + type CacheTTLByStatusObservation struct { + + // A HTTP code (e.g. 404) or range of codes (e.g. 400-499) + Codes *string `json:"codes,omitempty" tf:"codes,omitempty"` + + // Duration a resource lives in the Cloudflare cache. + TTL *float64 `json:"ttl,omitempty" tf:"ttl,omitempty"` } type CacheTTLByStatusParameters struct { - // +kubebuilder:validation:Required + // A HTTP code (e.g. 404) or range of codes (e.g. 400-499) + // +kubebuilder:validation:Optional Codes *string `json:"codes" tf:"codes,omitempty"` - // +kubebuilder:validation:Required + // Duration a resource lives in the Cloudflare cache. + // +kubebuilder:validation:Optional TTL *float64 `json:"ttl" tf:"ttl,omitempty"` } +type CookieInitParameters struct { + + // Check for presence of specified cookies, without including their actual values. + // +listType=set + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + type CookieObservation struct { + + // Check for presence of specified cookies, without including their actual values. + // +listType=set + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` } type CookieParameters struct { + // Check for presence of specified cookies, without including their actual values. // +kubebuilder:validation:Optional + // +listType=set CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + // Use values of specified cookies in Cache Key. // +kubebuilder:validation:Optional + // +listType=set Include []*string `json:"include,omitempty" tf:"include,omitempty"` } +type ForwardingURLInitParameters struct { + + // The status code to use for the redirection. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // The URL to which the page rule should forward. + URL *string `json:"url,omitempty" tf:"url,omitempty"` +} + type ForwardingURLObservation struct { + + // The status code to use for the redirection. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // The URL to which the page rule should forward. + URL *string `json:"url,omitempty" tf:"url,omitempty"` } type ForwardingURLParameters struct { - // +kubebuilder:validation:Required + // The status code to use for the redirection. + // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode" tf:"status_code,omitempty"` - // +kubebuilder:validation:Required + // The URL to which the page rule should forward. + // +kubebuilder:validation:Optional URL *string `json:"url" tf:"url,omitempty"` } +type HeaderInitParameters struct { + + // Check for presence of specified cookies, without including their actual values. + // +listType=set + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. + // +listType=set + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + type HeaderObservation struct { + + // Check for presence of specified cookies, without including their actual values. + // +listType=set + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. + // +listType=set + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` } type HeaderParameters struct { + // Check for presence of specified cookies, without including their actual values. // +kubebuilder:validation:Optional + // +listType=set CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. // +kubebuilder:validation:Optional + // +listType=set Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + // Use values of specified cookies in Cache Key. // +kubebuilder:validation:Optional + // +listType=set Include []*string `json:"include,omitempty" tf:"include,omitempty"` } +type HostInitParameters struct { + + // false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). + // Defaults to `false`. + Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` +} + type HostObservation struct { + + // false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). + // Defaults to `false`. + Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` } type HostParameters struct { + // false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). // Defaults to `false`. // +kubebuilder:validation:Optional Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` } +type MinifyInitParameters struct { + + // Whether CSS should be minified. Valid values are "on" or "off". + CSS *string `json:"css,omitempty" tf:"css,omitempty"` + + // Whether HTML should be minified. Valid values are "on" or "off". + HTML *string `json:"html,omitempty" tf:"html,omitempty"` + + // Whether Javascript should be minified. Valid values are "on" or "off". + Js *string `json:"js,omitempty" tf:"js,omitempty"` +} + type MinifyObservation struct { + + // Whether CSS should be minified. Valid values are "on" or "off". + CSS *string `json:"css,omitempty" tf:"css,omitempty"` + + // Whether HTML should be minified. Valid values are "on" or "off". + HTML *string `json:"html,omitempty" tf:"html,omitempty"` + + // Whether Javascript should be minified. Valid values are "on" or "off". + Js *string `json:"js,omitempty" tf:"js,omitempty"` } type MinifyParameters struct { - // +kubebuilder:validation:Required + // Whether CSS should be minified. Valid values are "on" or "off". + // +kubebuilder:validation:Optional CSS *string `json:"css" tf:"css,omitempty"` - // +kubebuilder:validation:Required + // Whether HTML should be minified. Valid values are "on" or "off". + // +kubebuilder:validation:Optional HTML *string `json:"html" tf:"html,omitempty"` - // +kubebuilder:validation:Required + // Whether Javascript should be minified. Valid values are "on" or "off". + // +kubebuilder:validation:Optional Js *string `json:"js" tf:"js,omitempty"` } +type QueryStringInitParameters struct { + + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. + // +listType=set + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // false (default) - all query string parameters are used for Cache Key, unless explicitly excluded; true - all query string parameters are ignored; value should be false if any of exclude or include is non-empty. + Ignore *bool `json:"ignore,omitempty" tf:"ignore,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + type QueryStringObservation struct { + + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. + // +listType=set + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // false (default) - all query string parameters are used for Cache Key, unless explicitly excluded; true - all query string parameters are ignored; value should be false if any of exclude or include is non-empty. + Ignore *bool `json:"ignore,omitempty" tf:"ignore,omitempty"` + + // Use values of specified cookies in Cache Key. + // +listType=set + Include []*string `json:"include,omitempty" tf:"include,omitempty"` } type QueryStringParameters struct { + // Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded. // +kubebuilder:validation:Optional + // +listType=set Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + // false (default) - all query string parameters are used for Cache Key, unless explicitly excluded; true - all query string parameters are ignored; value should be false if any of exclude or include is non-empty. // +kubebuilder:validation:Optional Ignore *bool `json:"ignore,omitempty" tf:"ignore,omitempty"` + // Use values of specified cookies in Cache Key. // +kubebuilder:validation:Optional + // +listType=set Include []*string `json:"include,omitempty" tf:"include,omitempty"` } +type RuleInitParameters struct { + + // The actions taken by the page rule, options given below. + Actions []ActionsInitParameters `json:"actions,omitempty" tf:"actions,omitempty"` + + // The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. + // Defaults to `1`. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // Whether the page rule is active or disabled. + // Defaults to `active`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // The URL pattern to target with the page rule. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The DNS zone ID to which the page rule should be added. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RuleObservation struct { + + // The actions taken by the page rule, options given below. + Actions []ActionsObservation `json:"actions,omitempty" tf:"actions,omitempty"` + + // The page rule ID. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. + // Defaults to `1`. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // Whether the page rule is active or disabled. + // Defaults to `active`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // The URL pattern to target with the page rule. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The DNS zone ID to which the page rule should be added. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RuleParameters struct { - // +kubebuilder:validation:Required - Actions []ActionsParameters `json:"actions" tf:"actions,omitempty"` + // The actions taken by the page rule, options given below. + // +kubebuilder:validation:Optional + Actions []ActionsParameters `json:"actions,omitempty" tf:"actions,omitempty"` + // The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. // Defaults to `1`. // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // Whether the page rule is active or disabled. // Defaults to `active`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` - // +kubebuilder:validation:Required - Target *string `json:"target" tf:"target,omitempty"` + // The URL pattern to target with the page rule. + // +kubebuilder:validation:Optional + Target *string `json:"target,omitempty" tf:"target,omitempty"` + // The DNS zone ID to which the page rule should be added. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -282,17 +809,41 @@ type RuleParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type UserInitParameters struct { + + // true - classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults to false. + DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + + // true - includes the client’s country, derived from the IP address; defaults to false. + Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + + // true - includes the first language code contained in the Accept-Language header sent by the client; defaults to false. + Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` +} + type UserObservation struct { + + // true - classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults to false. + DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + + // true - includes the client’s country, derived from the IP address; defaults to false. + Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + + // true - includes the first language code contained in the Accept-Language header sent by the client; defaults to false. + Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` } type UserParameters struct { + // true - classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults to false. // +kubebuilder:validation:Optional DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + // true - includes the client’s country, derived from the IP address; defaults to false. // +kubebuilder:validation:Optional Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + // true - includes the first language code contained in the Accept-Language header sent by the client; defaults to false. // +kubebuilder:validation:Optional Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` } @@ -301,6 +852,17 @@ type UserParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -310,19 +872,22 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Provides a Cloudflare page rule resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.actions) || (has(self.initProvider) && has(self.initProvider.actions))",message="spec.forProvider.actions is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.target) || (has(self.initProvider) && has(self.initProvider.target))",message="spec.forProvider.target is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/pages/v1alpha1/zz_domain_terraformed.go b/apis/pages/v1alpha1/zz_domain_terraformed.go new file mode 100755 index 0000000..234f685 --- /dev/null +++ b/apis/pages/v1alpha1/zz_domain_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Domain +func (mg *Domain) GetTerraformResourceType() string { + return "cloudflare_pages_domain" +} + +// GetConnectionDetailsMapping for this Domain +func (tr *Domain) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Domain +func (tr *Domain) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Domain +func (tr *Domain) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Domain +func (tr *Domain) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Domain +func (tr *Domain) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Domain +func (tr *Domain) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Domain +func (tr *Domain) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Domain +func (tr *Domain) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Domain using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Domain) LateInitialize(attrs []byte) (bool, error) { + params := &DomainParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Domain) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/pages/v1alpha1/zz_domain_types.go b/apis/pages/v1alpha1/zz_domain_types.go index f6149d6..1f91d61 100755 --- a/apis/pages/v1alpha1/zz_domain_types.go +++ b/apis/pages/v1alpha1/zz_domain_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,15 +17,64 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DomainInitParameters struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Custom domain. Modifying this attribute will force creation of a new resource. + // Custom domain. **Modifying this attribute will force creation of a new resource.** + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + // Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Project + ProjectName *string `json:"projectName,omitempty" tf:"project_name,omitempty"` + + // Reference to a Project to populate projectName. + // +kubebuilder:validation:Optional + ProjectNameRef *v1.Reference `json:"projectNameRef,omitempty" tf:"-"` + + // Selector for a Project to populate projectName. + // +kubebuilder:validation:Optional + ProjectNameSelector *v1.Selector `json:"projectNameSelector,omitempty" tf:"-"` +} + type DomainObservation struct { + + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Custom domain. Modifying this attribute will force creation of a new resource. + // Custom domain. **Modifying this attribute will force creation of a new resource.** + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + // Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** + ProjectName *string `json:"projectName,omitempty" tf:"project_name,omitempty"` + + // (String) Status of the custom domain. // Status of the custom domain. Status *string `json:"status,omitempty" tf:"status,omitempty"` } type DomainParameters struct { + // (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -35,10 +88,12 @@ type DomainParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Custom domain. Modifying this attribute will force creation of a new resource. // Custom domain. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Domain *string `json:"domain" tf:"domain,omitempty"` + // +kubebuilder:validation:Optional + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + // (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. // Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Project // +kubebuilder:validation:Optional @@ -57,6 +112,17 @@ type DomainParameters struct { type DomainSpec struct { v1.ResourceSpec `json:",inline"` ForProvider DomainParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DomainInitParameters `json:"initProvider,omitempty"` } // DomainStatus defines the observed state of Domain. @@ -66,19 +132,21 @@ type DomainStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Domain is the Schema for the Domains API. +// Domain is the Schema for the Domains API. Provides a resource for managing Cloudflare Pages domains. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Domain struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DomainSpec `json:"spec"` - Status DomainStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.domain) || (has(self.initProvider) && has(self.initProvider.domain))",message="spec.forProvider.domain is a required parameter" + Spec DomainSpec `json:"spec"` + Status DomainStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/pages/v1alpha1/zz_generated.conversion_hubs.go b/apis/pages/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..3e64243 --- /dev/null +++ b/apis/pages/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Domain) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Project) Hub() {} diff --git a/apis/pages/v1alpha1/zz_generated.deepcopy.go b/apis/pages/v1alpha1/zz_generated.deepcopy.go index 3f577a5..2b6c6e3 100644 --- a/apis/pages/v1alpha1/zz_generated.deepcopy.go +++ b/apis/pages/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,74 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BuildConfigInitParameters) DeepCopyInto(out *BuildConfigInitParameters) { + *out = *in + if in.BuildCommand != nil { + in, out := &in.BuildCommand, &out.BuildCommand + *out = new(string) + **out = **in + } + if in.DestinationDir != nil { + in, out := &in.DestinationDir, &out.DestinationDir + *out = new(string) + **out = **in + } + if in.RootDir != nil { + in, out := &in.RootDir, &out.RootDir + *out = new(string) + **out = **in + } + if in.WebAnalyticsTag != nil { + in, out := &in.WebAnalyticsTag, &out.WebAnalyticsTag + *out = new(string) + **out = **in + } + if in.WebAnalyticsToken != nil { + in, out := &in.WebAnalyticsToken, &out.WebAnalyticsToken + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildConfigInitParameters. +func (in *BuildConfigInitParameters) DeepCopy() *BuildConfigInitParameters { + if in == nil { + return nil + } + out := new(BuildConfigInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BuildConfigObservation) DeepCopyInto(out *BuildConfigObservation) { *out = *in + if in.BuildCommand != nil { + in, out := &in.BuildCommand, &out.BuildCommand + *out = new(string) + **out = **in + } + if in.DestinationDir != nil { + in, out := &in.DestinationDir, &out.DestinationDir + *out = new(string) + **out = **in + } + if in.RootDir != nil { + in, out := &in.RootDir, &out.RootDir + *out = new(string) + **out = **in + } + if in.WebAnalyticsTag != nil { + in, out := &in.WebAnalyticsTag, &out.WebAnalyticsTag + *out = new(string) + **out = **in + } + if in.WebAnalyticsToken != nil { + in, out := &in.WebAnalyticsToken, &out.WebAnalyticsToken + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuildConfigObservation. @@ -69,9 +133,138 @@ func (in *BuildConfigParameters) DeepCopy() *BuildConfigParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigInitParameters) DeepCopyInto(out *ConfigInitParameters) { + *out = *in + if in.DeploymentsEnabled != nil { + in, out := &in.DeploymentsEnabled, &out.DeploymentsEnabled + *out = new(bool) + **out = **in + } + if in.Owner != nil { + in, out := &in.Owner, &out.Owner + *out = new(string) + **out = **in + } + if in.PrCommentsEnabled != nil { + in, out := &in.PrCommentsEnabled, &out.PrCommentsEnabled + *out = new(bool) + **out = **in + } + if in.PreviewBranchExcludes != nil { + in, out := &in.PreviewBranchExcludes, &out.PreviewBranchExcludes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreviewBranchIncludes != nil { + in, out := &in.PreviewBranchIncludes, &out.PreviewBranchIncludes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreviewDeploymentSetting != nil { + in, out := &in.PreviewDeploymentSetting, &out.PreviewDeploymentSetting + *out = new(string) + **out = **in + } + if in.ProductionBranch != nil { + in, out := &in.ProductionBranch, &out.ProductionBranch + *out = new(string) + **out = **in + } + if in.ProductionDeploymentEnabled != nil { + in, out := &in.ProductionDeploymentEnabled, &out.ProductionDeploymentEnabled + *out = new(bool) + **out = **in + } + if in.RepoName != nil { + in, out := &in.RepoName, &out.RepoName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigInitParameters. +func (in *ConfigInitParameters) DeepCopy() *ConfigInitParameters { + if in == nil { + return nil + } + out := new(ConfigInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConfigObservation) DeepCopyInto(out *ConfigObservation) { *out = *in + if in.DeploymentsEnabled != nil { + in, out := &in.DeploymentsEnabled, &out.DeploymentsEnabled + *out = new(bool) + **out = **in + } + if in.Owner != nil { + in, out := &in.Owner, &out.Owner + *out = new(string) + **out = **in + } + if in.PrCommentsEnabled != nil { + in, out := &in.PrCommentsEnabled, &out.PrCommentsEnabled + *out = new(bool) + **out = **in + } + if in.PreviewBranchExcludes != nil { + in, out := &in.PreviewBranchExcludes, &out.PreviewBranchExcludes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreviewBranchIncludes != nil { + in, out := &in.PreviewBranchIncludes, &out.PreviewBranchIncludes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreviewDeploymentSetting != nil { + in, out := &in.PreviewDeploymentSetting, &out.PreviewDeploymentSetting + *out = new(string) + **out = **in + } + if in.ProductionBranch != nil { + in, out := &in.ProductionBranch, &out.ProductionBranch + *out = new(string) + **out = **in + } + if in.ProductionDeploymentEnabled != nil { + in, out := &in.ProductionDeploymentEnabled, &out.ProductionDeploymentEnabled + *out = new(bool) + **out = **in + } + if in.RepoName != nil { + in, out := &in.RepoName, &out.RepoName + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigObservation. @@ -156,9 +349,52 @@ func (in *ConfigParameters) DeepCopy() *ConfigParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeploymentConfigsInitParameters) DeepCopyInto(out *DeploymentConfigsInitParameters) { + *out = *in + if in.Preview != nil { + in, out := &in.Preview, &out.Preview + *out = make([]PreviewInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Production != nil { + in, out := &in.Production, &out.Production + *out = make([]ProductionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentConfigsInitParameters. +func (in *DeploymentConfigsInitParameters) DeepCopy() *DeploymentConfigsInitParameters { + if in == nil { + return nil + } + out := new(DeploymentConfigsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DeploymentConfigsObservation) DeepCopyInto(out *DeploymentConfigsObservation) { *out = *in + if in.Preview != nil { + in, out := &in.Preview, &out.Preview + *out = make([]PreviewObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Production != nil { + in, out := &in.Production, &out.Production + *out = make([]ProductionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentConfigsObservation. @@ -228,45 +464,110 @@ func (in *Domain) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DomainList) DeepCopyInto(out *DomainList) { +func (in *DomainInitParameters) DeepCopyInto(out *DomainInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Domain, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainList. -func (in *DomainList) DeepCopy() *DomainList { - if in == nil { - return nil + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in } - out := new(DomainList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DomainList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) } - return nil -} + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.ProjectName != nil { + in, out := &in.ProjectName, &out.ProjectName + *out = new(string) + **out = **in + } + if in.ProjectNameRef != nil { + in, out := &in.ProjectNameRef, &out.ProjectNameRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ProjectNameSelector != nil { + in, out := &in.ProjectNameSelector, &out.ProjectNameSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainInitParameters. +func (in *DomainInitParameters) DeepCopy() *DomainInitParameters { + if in == nil { + return nil + } + out := new(DomainInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainList) DeepCopyInto(out *DomainList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Domain, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainList. +func (in *DomainList) DeepCopy() *DomainList { + if in == nil { + return nil + } + out := new(DomainList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DomainList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DomainObservation) DeepCopyInto(out *DomainObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ProjectName != nil { + in, out := &in.ProjectName, &out.ProjectName + *out = new(string) + **out = **in + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) @@ -339,6 +640,7 @@ func (in *DomainSpec) DeepCopyInto(out *DomainSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSpec. @@ -346,45 +648,363 @@ func (in *DomainSpec) DeepCopy() *DomainSpec { if in == nil { return nil } - out := new(DomainSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DomainStatus) DeepCopyInto(out *DomainStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainStatus. -func (in *DomainStatus) DeepCopy() *DomainStatus { - if in == nil { - return nil + out := new(DomainSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainStatus) DeepCopyInto(out *DomainStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainStatus. +func (in *DomainStatus) DeepCopy() *DomainStatus { + if in == nil { + return nil + } + out := new(DomainStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PreviewInitParameters) DeepCopyInto(out *PreviewInitParameters) { + *out = *in + if in.CompatibilityDate != nil { + in, out := &in.CompatibilityDate, &out.CompatibilityDate + *out = new(string) + **out = **in + } + if in.CompatibilityFlags != nil { + in, out := &in.CompatibilityFlags, &out.CompatibilityFlags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.D1Databases != nil { + in, out := &in.D1Databases, &out.D1Databases + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.DurableObjectNamespaces != nil { + in, out := &in.DurableObjectNamespaces, &out.DurableObjectNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.EnvironmentVariables != nil { + in, out := &in.EnvironmentVariables, &out.EnvironmentVariables + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.KvNamespaces != nil { + in, out := &in.KvNamespaces, &out.KvNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.R2Buckets != nil { + in, out := &in.R2Buckets, &out.R2Buckets + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreviewInitParameters. +func (in *PreviewInitParameters) DeepCopy() *PreviewInitParameters { + if in == nil { + return nil + } + out := new(PreviewInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PreviewObservation) DeepCopyInto(out *PreviewObservation) { + *out = *in + if in.CompatibilityDate != nil { + in, out := &in.CompatibilityDate, &out.CompatibilityDate + *out = new(string) + **out = **in + } + if in.CompatibilityFlags != nil { + in, out := &in.CompatibilityFlags, &out.CompatibilityFlags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.D1Databases != nil { + in, out := &in.D1Databases, &out.D1Databases + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.DurableObjectNamespaces != nil { + in, out := &in.DurableObjectNamespaces, &out.DurableObjectNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.EnvironmentVariables != nil { + in, out := &in.EnvironmentVariables, &out.EnvironmentVariables + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.KvNamespaces != nil { + in, out := &in.KvNamespaces, &out.KvNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.R2Buckets != nil { + in, out := &in.R2Buckets, &out.R2Buckets + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreviewObservation. +func (in *PreviewObservation) DeepCopy() *PreviewObservation { + if in == nil { + return nil + } + out := new(PreviewObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { + *out = *in + if in.CompatibilityDate != nil { + in, out := &in.CompatibilityDate, &out.CompatibilityDate + *out = new(string) + **out = **in + } + if in.CompatibilityFlags != nil { + in, out := &in.CompatibilityFlags, &out.CompatibilityFlags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.D1Databases != nil { + in, out := &in.D1Databases, &out.D1Databases + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.DurableObjectNamespaces != nil { + in, out := &in.DurableObjectNamespaces, &out.DurableObjectNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.EnvironmentVariables != nil { + in, out := &in.EnvironmentVariables, &out.EnvironmentVariables + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.KvNamespaces != nil { + in, out := &in.KvNamespaces, &out.KvNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.R2Buckets != nil { + in, out := &in.R2Buckets, &out.R2Buckets + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } } - out := new(DomainStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PreviewObservation) DeepCopyInto(out *PreviewObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreviewObservation. -func (in *PreviewObservation) DeepCopy() *PreviewObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreviewParameters. +func (in *PreviewParameters) DeepCopy() *PreviewParameters { if in == nil { return nil } - out := new(PreviewObservation) + out := new(PreviewParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { +func (in *ProductionInitParameters) DeepCopyInto(out *ProductionInitParameters) { *out = *in if in.CompatibilityDate != nil { in, out := &in.CompatibilityDate, &out.CompatibilityDate @@ -410,7 +1030,8 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -425,7 +1046,8 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -440,7 +1062,8 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -455,7 +1078,8 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -470,7 +1094,8 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -479,12 +1104,12 @@ func (in *PreviewParameters) DeepCopyInto(out *PreviewParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreviewParameters. -func (in *PreviewParameters) DeepCopy() *PreviewParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProductionInitParameters. +func (in *ProductionInitParameters) DeepCopy() *ProductionInitParameters { if in == nil { return nil } - out := new(PreviewParameters) + out := new(ProductionInitParameters) in.DeepCopyInto(out) return out } @@ -492,6 +1117,102 @@ func (in *PreviewParameters) DeepCopy() *PreviewParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProductionObservation) DeepCopyInto(out *ProductionObservation) { *out = *in + if in.CompatibilityDate != nil { + in, out := &in.CompatibilityDate, &out.CompatibilityDate + *out = new(string) + **out = **in + } + if in.CompatibilityFlags != nil { + in, out := &in.CompatibilityFlags, &out.CompatibilityFlags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.D1Databases != nil { + in, out := &in.D1Databases, &out.D1Databases + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.DurableObjectNamespaces != nil { + in, out := &in.DurableObjectNamespaces, &out.DurableObjectNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.EnvironmentVariables != nil { + in, out := &in.EnvironmentVariables, &out.EnvironmentVariables + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.KvNamespaces != nil { + in, out := &in.KvNamespaces, &out.KvNamespaces + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.R2Buckets != nil { + in, out := &in.R2Buckets, &out.R2Buckets + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProductionObservation. @@ -531,7 +1252,8 @@ func (in *ProductionParameters) DeepCopyInto(out *ProductionParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -546,7 +1268,8 @@ func (in *ProductionParameters) DeepCopyInto(out *ProductionParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -561,7 +1284,8 @@ func (in *ProductionParameters) DeepCopyInto(out *ProductionParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -576,7 +1300,8 @@ func (in *ProductionParameters) DeepCopyInto(out *ProductionParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -591,7 +1316,8 @@ func (in *ProductionParameters) DeepCopyInto(out *ProductionParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -637,6 +1363,67 @@ func (in *Project) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProjectInitParameters) DeepCopyInto(out *ProjectInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.BuildConfig != nil { + in, out := &in.BuildConfig, &out.BuildConfig + *out = make([]BuildConfigInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DeploymentConfigs != nil { + in, out := &in.DeploymentConfigs, &out.DeploymentConfigs + *out = make([]DeploymentConfigsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ProductionBranch != nil { + in, out := &in.ProductionBranch, &out.ProductionBranch + *out = new(string) + **out = **in + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = make([]SourceInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectInitParameters. +func (in *ProjectInitParameters) DeepCopy() *ProjectInitParameters { + if in == nil { + return nil + } + out := new(ProjectInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProjectList) DeepCopyInto(out *ProjectList) { *out = *in @@ -672,11 +1459,30 @@ func (in *ProjectList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProjectObservation) DeepCopyInto(out *ProjectObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.BuildConfig != nil { + in, out := &in.BuildConfig, &out.BuildConfig + *out = make([]BuildConfigObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.CreatedOn != nil { in, out := &in.CreatedOn, &out.CreatedOn *out = new(string) **out = **in } + if in.DeploymentConfigs != nil { + in, out := &in.DeploymentConfigs, &out.DeploymentConfigs + *out = make([]DeploymentConfigsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Domains != nil { in, out := &in.Domains, &out.Domains *out = make([]*string, len(*in)) @@ -693,6 +1499,23 @@ func (in *ProjectObservation) DeepCopyInto(out *ProjectObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.ProductionBranch != nil { + in, out := &in.ProductionBranch, &out.ProductionBranch + *out = new(string) + **out = **in + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = make([]SourceObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Subdomain != nil { in, out := &in.Subdomain, &out.Subdomain *out = new(string) @@ -776,6 +1599,7 @@ func (in *ProjectSpec) DeepCopyInto(out *ProjectSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectSpec. @@ -805,9 +1629,48 @@ func (in *ProjectStatus) DeepCopy() *ProjectStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SourceInitParameters) DeepCopyInto(out *SourceInitParameters) { + *out = *in + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceInitParameters. +func (in *SourceInitParameters) DeepCopy() *SourceInitParameters { + if in == nil { + return nil + } + out := new(SourceInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SourceObservation) DeepCopyInto(out *SourceObservation) { *out = *in + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceObservation. diff --git a/apis/pages/v1alpha1/zz_generated.managed.go b/apis/pages/v1alpha1/zz_generated.managed.go index aa7c73f..283aa87 100644 --- a/apis/pages/v1alpha1/zz_generated.managed.go +++ b/apis/pages/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Domain) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Domain. +func (mg *Domain) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Domain. func (mg *Domain) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Domain. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Domain) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Domain. func (mg *Domain) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Domain) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Domain. +func (mg *Domain) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Domain. func (mg *Domain) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Domain. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Domain) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Domain. func (mg *Domain) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Project) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Project. +func (mg *Project) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Project. func (mg *Project) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Project. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Project) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Project. func (mg *Project) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Project) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Project. +func (mg *Project) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Project. func (mg *Project) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Project. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Project) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Project. func (mg *Project) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/pages/v1alpha1/zz_generated.resolvers.go b/apis/pages/v1alpha1/zz_generated.resolvers.go index 92091db..8118a30 100644 --- a/apis/pages/v1alpha1/zz_generated.resolvers.go +++ b/apis/pages/v1alpha1/zz_generated.resolvers.go @@ -52,6 +52,38 @@ func (mg *Domain) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ProjectName = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ProjectNameRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ProjectName), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ProjectNameRef, + Selector: mg.Spec.InitProvider.ProjectNameSelector, + To: reference.To{ + List: &ProjectList{}, + Managed: &Project{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ProjectName") + } + mg.Spec.InitProvider.ProjectName = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ProjectNameRef = rsp.ResolvedReference + return nil } @@ -78,5 +110,21 @@ func (mg *Project) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/pages/v1alpha1/zz_groupversion_info.go b/apis/pages/v1alpha1/zz_groupversion_info.go index 8eb864f..e67434b 100755 --- a/apis/pages/v1alpha1/zz_groupversion_info.go +++ b/apis/pages/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/pages/v1alpha1/zz_generated_terraformed.go b/apis/pages/v1alpha1/zz_project_terraformed.go similarity index 54% rename from apis/pages/v1alpha1/zz_generated_terraformed.go rename to apis/pages/v1alpha1/zz_project_terraformed.go index 17989df..5d03114 100755 --- a/apis/pages/v1alpha1/zz_generated_terraformed.go +++ b/apis/pages/v1alpha1/zz_project_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,24 +11,25 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) -// GetTerraformResourceType returns Terraform resource type for this Domain -func (mg *Domain) GetTerraformResourceType() string { - return "cloudflare_pages_domain" +// GetTerraformResourceType returns Terraform resource type for this Project +func (mg *Project) GetTerraformResourceType() string { + return "cloudflare_pages_project" } -// GetConnectionDetailsMapping for this Domain -func (tr *Domain) GetConnectionDetailsMapping() map[string]string { +// GetConnectionDetailsMapping for this Project +func (tr *Project) GetConnectionDetailsMapping() map[string]string { return nil } -// GetObservation of this Domain -func (tr *Domain) GetObservation() (map[string]any, error) { +// GetObservation of this Project +func (tr *Project) GetObservation() (map[string]any, error) { o, err := json.TFParser.Marshal(tr.Status.AtProvider) if err != nil { return nil, err @@ -33,8 +38,8 @@ func (tr *Domain) GetObservation() (map[string]any, error) { return base, json.TFParser.Unmarshal(o, &base) } -// SetObservation for this Domain -func (tr *Domain) SetObservation(obs map[string]any) error { +// SetObservation for this Project +func (tr *Project) SetObservation(obs map[string]any) error { p, err := json.TFParser.Marshal(obs) if err != nil { return err @@ -42,16 +47,16 @@ func (tr *Domain) SetObservation(obs map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) } -// GetID returns ID of underlying Terraform resource of this Domain -func (tr *Domain) GetID() string { +// GetID returns ID of underlying Terraform resource of this Project +func (tr *Project) GetID() string { if tr.Status.AtProvider.ID == nil { return "" } return *tr.Status.AtProvider.ID } -// GetParameters of this Domain -func (tr *Domain) GetParameters() (map[string]any, error) { +// GetParameters of this Project +func (tr *Project) GetParameters() (map[string]any, error) { p, err := json.TFParser.Marshal(tr.Spec.ForProvider) if err != nil { return nil, err @@ -60,8 +65,8 @@ func (tr *Domain) GetParameters() (map[string]any, error) { return base, json.TFParser.Unmarshal(p, &base) } -// SetParameters for this Domain -func (tr *Domain) SetParameters(params map[string]any) error { +// SetParameters for this Project +func (tr *Project) SetParameters(params map[string]any) error { p, err := json.TFParser.Marshal(params) if err != nil { return err @@ -69,78 +74,44 @@ func (tr *Domain) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } -// LateInitialize this Domain using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Domain) LateInitialize(attrs []byte) (bool, error) { - params := &DomainParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Domain) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Project -func (mg *Project) GetTerraformResourceType() string { - return "cloudflare_pages_project" -} - -// GetConnectionDetailsMapping for this Project -func (tr *Project) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Project -func (tr *Project) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) +// GetInitParameters of this Project +func (tr *Project) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) if err != nil { return nil, err } base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) + return base, json.TFParser.Unmarshal(p, &base) } -// SetObservation for this Project -func (tr *Project) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) +// GetInitParameters of this Project +func (tr *Project) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() if err != nil { - return err + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Project -func (tr *Project) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" + if !shouldMergeInitProvider { + return params, nil } - return *tr.Status.AtProvider.ID -} -// GetParameters of this Project -func (tr *Project) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + initParams, err := tr.GetInitParameters() if err != nil { - return nil, err + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} -// SetParameters for this Project -func (tr *Project) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) if err != nil { - return err + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) + + return params, nil } // LateInitialize this Project using its observed tfState. diff --git a/apis/pages/v1alpha1/zz_project_types.go b/apis/pages/v1alpha1/zz_project_types.go index 7abc325..5ffc6ef 100755 --- a/apis/pages/v1alpha1/zz_project_types.go +++ b/apis/pages/v1alpha1/zz_project_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,172 +17,552 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type BuildConfigInitParameters struct { + + // (String) Command used to build project. + // Command used to build project. + BuildCommand *string `json:"buildCommand,omitempty" tf:"build_command,omitempty"` + + // (String) Output directory of the build. + // Output directory of the build. + DestinationDir *string `json:"destinationDir,omitempty" tf:"destination_dir,omitempty"` + + // (String) Directory to run the command. + // Directory to run the command. + RootDir *string `json:"rootDir,omitempty" tf:"root_dir,omitempty"` + + // (String) The classifying tag for analytics. + // The classifying tag for analytics. + WebAnalyticsTag *string `json:"webAnalyticsTag,omitempty" tf:"web_analytics_tag,omitempty"` + + // (String) The auth token for analytics. + // The auth token for analytics. + WebAnalyticsToken *string `json:"webAnalyticsToken,omitempty" tf:"web_analytics_token,omitempty"` +} + type BuildConfigObservation struct { + + // (String) Command used to build project. + // Command used to build project. + BuildCommand *string `json:"buildCommand,omitempty" tf:"build_command,omitempty"` + + // (String) Output directory of the build. + // Output directory of the build. + DestinationDir *string `json:"destinationDir,omitempty" tf:"destination_dir,omitempty"` + + // (String) Directory to run the command. + // Directory to run the command. + RootDir *string `json:"rootDir,omitempty" tf:"root_dir,omitempty"` + + // (String) The classifying tag for analytics. + // The classifying tag for analytics. + WebAnalyticsTag *string `json:"webAnalyticsTag,omitempty" tf:"web_analytics_tag,omitempty"` + + // (String) The auth token for analytics. + // The auth token for analytics. + WebAnalyticsToken *string `json:"webAnalyticsToken,omitempty" tf:"web_analytics_token,omitempty"` } type BuildConfigParameters struct { + // (String) Command used to build project. // Command used to build project. // +kubebuilder:validation:Optional BuildCommand *string `json:"buildCommand,omitempty" tf:"build_command,omitempty"` + // (String) Output directory of the build. // Output directory of the build. // +kubebuilder:validation:Optional DestinationDir *string `json:"destinationDir,omitempty" tf:"destination_dir,omitempty"` + // (String) Directory to run the command. // Directory to run the command. // +kubebuilder:validation:Optional RootDir *string `json:"rootDir,omitempty" tf:"root_dir,omitempty"` + // (String) The classifying tag for analytics. // The classifying tag for analytics. // +kubebuilder:validation:Optional WebAnalyticsTag *string `json:"webAnalyticsTag,omitempty" tf:"web_analytics_tag,omitempty"` + // (String) The auth token for analytics. // The auth token for analytics. // +kubebuilder:validation:Optional WebAnalyticsToken *string `json:"webAnalyticsToken,omitempty" tf:"web_analytics_token,omitempty"` } +type ConfigInitParameters struct { + + // (Boolean) Toggle deployments on this repo. Defaults to true. + // Toggle deployments on this repo. Defaults to `true`. + DeploymentsEnabled *bool `json:"deploymentsEnabled,omitempty" tf:"deployments_enabled,omitempty"` + + // (String) Project owner username. + // Project owner username. + Owner *string `json:"owner,omitempty" tf:"owner,omitempty"` + + // (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + // Enable Pages to comment on Pull Requests. Defaults to `true`. + PrCommentsEnabled *bool `json:"prCommentsEnabled,omitempty" tf:"pr_comments_enabled,omitempty"` + + // (List of String) Branches will be excluded from automatic deployment. + // Branches will be excluded from automatic deployment. + PreviewBranchExcludes []*string `json:"previewBranchExcludes,omitempty" tf:"preview_branch_excludes,omitempty"` + + // (List of String) Branches will be included for automatic deployment. + // Branches will be included for automatic deployment. + PreviewBranchIncludes []*string `json:"previewBranchIncludes,omitempty" tf:"preview_branch_includes,omitempty"` + + // (String) Preview Deployment Setting. Defaults to all. + // Preview Deployment Setting. Defaults to `all`. + PreviewDeploymentSetting *string `json:"previewDeploymentSetting,omitempty" tf:"preview_deployment_setting,omitempty"` + + // (String) The name of the branch that is used for the production environment. + // Project production branch name. + ProductionBranch *string `json:"productionBranch,omitempty" tf:"production_branch,omitempty"` + + // (Boolean) Enable production deployments. Defaults to true. + // Enable production deployments. Defaults to `true`. + ProductionDeploymentEnabled *bool `json:"productionDeploymentEnabled,omitempty" tf:"production_deployment_enabled,omitempty"` + + // (String) Project repository name. + // Project repository name. + RepoName *string `json:"repoName,omitempty" tf:"repo_name,omitempty"` +} + type ConfigObservation struct { + + // (Boolean) Toggle deployments on this repo. Defaults to true. + // Toggle deployments on this repo. Defaults to `true`. + DeploymentsEnabled *bool `json:"deploymentsEnabled,omitempty" tf:"deployments_enabled,omitempty"` + + // (String) Project owner username. + // Project owner username. + Owner *string `json:"owner,omitempty" tf:"owner,omitempty"` + + // (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + // Enable Pages to comment on Pull Requests. Defaults to `true`. + PrCommentsEnabled *bool `json:"prCommentsEnabled,omitempty" tf:"pr_comments_enabled,omitempty"` + + // (List of String) Branches will be excluded from automatic deployment. + // Branches will be excluded from automatic deployment. + PreviewBranchExcludes []*string `json:"previewBranchExcludes,omitempty" tf:"preview_branch_excludes,omitempty"` + + // (List of String) Branches will be included for automatic deployment. + // Branches will be included for automatic deployment. + PreviewBranchIncludes []*string `json:"previewBranchIncludes,omitempty" tf:"preview_branch_includes,omitempty"` + + // (String) Preview Deployment Setting. Defaults to all. + // Preview Deployment Setting. Defaults to `all`. + PreviewDeploymentSetting *string `json:"previewDeploymentSetting,omitempty" tf:"preview_deployment_setting,omitempty"` + + // (String) The name of the branch that is used for the production environment. + // Project production branch name. + ProductionBranch *string `json:"productionBranch,omitempty" tf:"production_branch,omitempty"` + + // (Boolean) Enable production deployments. Defaults to true. + // Enable production deployments. Defaults to `true`. + ProductionDeploymentEnabled *bool `json:"productionDeploymentEnabled,omitempty" tf:"production_deployment_enabled,omitempty"` + + // (String) Project repository name. + // Project repository name. + RepoName *string `json:"repoName,omitempty" tf:"repo_name,omitempty"` } type ConfigParameters struct { + // (Boolean) Toggle deployments on this repo. Defaults to true. // Toggle deployments on this repo. Defaults to `true`. // +kubebuilder:validation:Optional DeploymentsEnabled *bool `json:"deploymentsEnabled,omitempty" tf:"deployments_enabled,omitempty"` + // (String) Project owner username. // Project owner username. // +kubebuilder:validation:Optional Owner *string `json:"owner,omitempty" tf:"owner,omitempty"` + // (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. // Enable Pages to comment on Pull Requests. Defaults to `true`. // +kubebuilder:validation:Optional PrCommentsEnabled *bool `json:"prCommentsEnabled,omitempty" tf:"pr_comments_enabled,omitempty"` + // (List of String) Branches will be excluded from automatic deployment. // Branches will be excluded from automatic deployment. // +kubebuilder:validation:Optional PreviewBranchExcludes []*string `json:"previewBranchExcludes,omitempty" tf:"preview_branch_excludes,omitempty"` + // (List of String) Branches will be included for automatic deployment. // Branches will be included for automatic deployment. // +kubebuilder:validation:Optional PreviewBranchIncludes []*string `json:"previewBranchIncludes,omitempty" tf:"preview_branch_includes,omitempty"` + // (String) Preview Deployment Setting. Defaults to all. // Preview Deployment Setting. Defaults to `all`. // +kubebuilder:validation:Optional PreviewDeploymentSetting *string `json:"previewDeploymentSetting,omitempty" tf:"preview_deployment_setting,omitempty"` + // (String) The name of the branch that is used for the production environment. // Project production branch name. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional ProductionBranch *string `json:"productionBranch" tf:"production_branch,omitempty"` + // (Boolean) Enable production deployments. Defaults to true. // Enable production deployments. Defaults to `true`. // +kubebuilder:validation:Optional ProductionDeploymentEnabled *bool `json:"productionDeploymentEnabled,omitempty" tf:"production_deployment_enabled,omitempty"` + // (String) Project repository name. // Project repository name. // +kubebuilder:validation:Optional RepoName *string `json:"repoName,omitempty" tf:"repo_name,omitempty"` } +type DeploymentConfigsInitParameters struct { + + // (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) + // Configuration for preview deploys. + Preview []PreviewInitParameters `json:"preview,omitempty" tf:"preview,omitempty"` + + // (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) + // Configuration for production deploys. + Production []ProductionInitParameters `json:"production,omitempty" tf:"production,omitempty"` +} + type DeploymentConfigsObservation struct { + + // (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) + // Configuration for preview deploys. + Preview []PreviewObservation `json:"preview,omitempty" tf:"preview,omitempty"` + + // (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) + // Configuration for production deploys. + Production []ProductionObservation `json:"production,omitempty" tf:"production,omitempty"` } type DeploymentConfigsParameters struct { + // (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) // Configuration for preview deploys. // +kubebuilder:validation:Optional Preview []PreviewParameters `json:"preview,omitempty" tf:"preview,omitempty"` + // (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) // Configuration for production deploys. // +kubebuilder:validation:Optional Production []ProductionParameters `json:"production,omitempty" tf:"production,omitempty"` } +type PreviewInitParameters struct { + + // (String) Compatibility date used for Pages Functions. + // Compatibility date used for Pages Functions. + CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + + // (List of String) Compatibility flags used for Pages Functions. + // Compatibility flags used for Pages Functions. + CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + + // (Map of String) D1 Databases used for Pages Functions. + // D1 Databases used for Pages Functions. + // +mapType=granular + D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + + // (Map of String) Durable Object namespaces used for Pages Functions. + // Durable Object namespaces used for Pages Functions. + // +mapType=granular + DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + + // (Map of String) Environment variables for Pages Functions. + // Environment variables for Pages Functions. + // +mapType=granular + EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + + // (Map of String) KV namespaces used for Pages Functions. + // KV namespaces used for Pages Functions. + // +mapType=granular + KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + + // (Map of String) R2 Buckets used for Pages Functions. + // R2 Buckets used for Pages Functions. + // +mapType=granular + R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` +} + type PreviewObservation struct { + + // (String) Compatibility date used for Pages Functions. + // Compatibility date used for Pages Functions. + CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + + // (List of String) Compatibility flags used for Pages Functions. + // Compatibility flags used for Pages Functions. + CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + + // (Map of String) D1 Databases used for Pages Functions. + // D1 Databases used for Pages Functions. + // +mapType=granular + D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + + // (Map of String) Durable Object namespaces used for Pages Functions. + // Durable Object namespaces used for Pages Functions. + // +mapType=granular + DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + + // (Map of String) Environment variables for Pages Functions. + // Environment variables for Pages Functions. + // +mapType=granular + EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + + // (Map of String) KV namespaces used for Pages Functions. + // KV namespaces used for Pages Functions. + // +mapType=granular + KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + + // (Map of String) R2 Buckets used for Pages Functions. + // R2 Buckets used for Pages Functions. + // +mapType=granular + R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` } type PreviewParameters struct { + // (String) Compatibility date used for Pages Functions. // Compatibility date used for Pages Functions. // +kubebuilder:validation:Optional CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + // (List of String) Compatibility flags used for Pages Functions. // Compatibility flags used for Pages Functions. // +kubebuilder:validation:Optional CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + // (Map of String) D1 Databases used for Pages Functions. // D1 Databases used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + // (Map of String) Durable Object namespaces used for Pages Functions. // Durable Object namespaces used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + // (Map of String) Environment variables for Pages Functions. // Environment variables for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + // (Map of String) KV namespaces used for Pages Functions. // KV namespaces used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + // (Map of String) R2 Buckets used for Pages Functions. // R2 Buckets used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular + R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` +} + +type ProductionInitParameters struct { + + // (String) Compatibility date used for Pages Functions. + // Compatibility date used for Pages Functions. + CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + + // (List of String) Compatibility flags used for Pages Functions. + // Compatibility flags used for Pages Functions. + CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + + // (Map of String) D1 Databases used for Pages Functions. + // D1 Databases used for Pages Functions. + // +mapType=granular + D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + + // (Map of String) Durable Object namespaces used for Pages Functions. + // Durable Object namespaces used for Pages Functions. + // +mapType=granular + DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + + // (Map of String) Environment variables for Pages Functions. + // Environment variables for Pages Functions. + // +mapType=granular + EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + + // (Map of String) KV namespaces used for Pages Functions. + // KV namespaces used for Pages Functions. + // +mapType=granular + KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + + // (Map of String) R2 Buckets used for Pages Functions. + // R2 Buckets used for Pages Functions. + // +mapType=granular R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` } type ProductionObservation struct { + + // (String) Compatibility date used for Pages Functions. + // Compatibility date used for Pages Functions. + CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + + // (List of String) Compatibility flags used for Pages Functions. + // Compatibility flags used for Pages Functions. + CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + + // (Map of String) D1 Databases used for Pages Functions. + // D1 Databases used for Pages Functions. + // +mapType=granular + D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + + // (Map of String) Durable Object namespaces used for Pages Functions. + // Durable Object namespaces used for Pages Functions. + // +mapType=granular + DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + + // (Map of String) Environment variables for Pages Functions. + // Environment variables for Pages Functions. + // +mapType=granular + EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + + // (Map of String) KV namespaces used for Pages Functions. + // KV namespaces used for Pages Functions. + // +mapType=granular + KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + + // (Map of String) R2 Buckets used for Pages Functions. + // R2 Buckets used for Pages Functions. + // +mapType=granular + R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` } type ProductionParameters struct { + // (String) Compatibility date used for Pages Functions. // Compatibility date used for Pages Functions. // +kubebuilder:validation:Optional CompatibilityDate *string `json:"compatibilityDate,omitempty" tf:"compatibility_date,omitempty"` + // (List of String) Compatibility flags used for Pages Functions. // Compatibility flags used for Pages Functions. // +kubebuilder:validation:Optional CompatibilityFlags []*string `json:"compatibilityFlags,omitempty" tf:"compatibility_flags,omitempty"` + // (Map of String) D1 Databases used for Pages Functions. // D1 Databases used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular D1Databases map[string]*string `json:"d1Databases,omitempty" tf:"d1_databases,omitempty"` + // (Map of String) Durable Object namespaces used for Pages Functions. // Durable Object namespaces used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular DurableObjectNamespaces map[string]*string `json:"durableObjectNamespaces,omitempty" tf:"durable_object_namespaces,omitempty"` + // (Map of String) Environment variables for Pages Functions. // Environment variables for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular EnvironmentVariables map[string]*string `json:"environmentVariables,omitempty" tf:"environment_variables,omitempty"` + // (Map of String) KV namespaces used for Pages Functions. // KV namespaces used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular KvNamespaces map[string]*string `json:"kvNamespaces,omitempty" tf:"kv_namespaces,omitempty"` + // (Map of String) R2 Buckets used for Pages Functions. // R2 Buckets used for Pages Functions. // +kubebuilder:validation:Optional + // +mapType=granular R2Buckets map[string]*string `json:"r2Buckets,omitempty" tf:"r2_buckets,omitempty"` } +type ProjectInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) + // Configuration for the project build process. + BuildConfig []BuildConfigInitParameters `json:"buildConfig,omitempty" tf:"build_config,omitempty"` + + // (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) + // Configuration for deployments in a project. + DeploymentConfigs []DeploymentConfigsInitParameters `json:"deploymentConfigs,omitempty" tf:"deployment_configs,omitempty"` + + // (String) Name of the project. + // Name of the project. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The name of the branch that is used for the production environment. + // The name of the branch that is used for the production environment. + ProductionBranch *string `json:"productionBranch,omitempty" tf:"production_branch,omitempty"` + + // (Block List, Max: 1) Configuration for the project source. (see below for nested schema) + // Configuration for the project source. + Source []SourceInitParameters `json:"source,omitempty" tf:"source,omitempty"` +} + type ProjectObservation struct { + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) + // Configuration for the project build process. + BuildConfig []BuildConfigObservation `json:"buildConfig,omitempty" tf:"build_config,omitempty"` + + // (String) When the project was created. // When the project was created. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) + // Configuration for deployments in a project. + DeploymentConfigs []DeploymentConfigsObservation `json:"deploymentConfigs,omitempty" tf:"deployment_configs,omitempty"` + + // (List of String) A list of associated custom domains for the project. // A list of associated custom domains for the project. Domains []*string `json:"domains,omitempty" tf:"domains,omitempty"` + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Name of the project. + // Name of the project. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The name of the branch that is used for the production environment. + // The name of the branch that is used for the production environment. + ProductionBranch *string `json:"productionBranch,omitempty" tf:"production_branch,omitempty"` + + // (Block List, Max: 1) Configuration for the project source. (see below for nested schema) + // Configuration for the project source. + Source []SourceObservation `json:"source,omitempty" tf:"source,omitempty"` + + // (String) The Cloudflare subdomain associated with the project. // The Cloudflare subdomain associated with the project. Subdomain *string `json:"subdomain,omitempty" tf:"subdomain,omitempty"` } type ProjectParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -192,36 +576,62 @@ type ProjectParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) // Configuration for the project build process. // +kubebuilder:validation:Optional BuildConfig []BuildConfigParameters `json:"buildConfig,omitempty" tf:"build_config,omitempty"` + // (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) // Configuration for deployments in a project. // +kubebuilder:validation:Optional DeploymentConfigs []DeploymentConfigsParameters `json:"deploymentConfigs,omitempty" tf:"deployment_configs,omitempty"` + // (String) Name of the project. // Name of the project. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The name of the branch that is used for the production environment. // The name of the branch that is used for the production environment. - // +kubebuilder:validation:Required - ProductionBranch *string `json:"productionBranch" tf:"production_branch,omitempty"` + // +kubebuilder:validation:Optional + ProductionBranch *string `json:"productionBranch,omitempty" tf:"production_branch,omitempty"` + // (Block List, Max: 1) Configuration for the project source. (see below for nested schema) // Configuration for the project source. // +kubebuilder:validation:Optional Source []SourceParameters `json:"source,omitempty" tf:"source,omitempty"` } +type SourceInitParameters struct { + + // (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) + // Configuration for the source of the Cloudflare Pages project. + Config []ConfigInitParameters `json:"config,omitempty" tf:"config,omitempty"` + + // (String) Project host type. + // Project host type. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type SourceObservation struct { + + // (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) + // Configuration for the source of the Cloudflare Pages project. + Config []ConfigObservation `json:"config,omitempty" tf:"config,omitempty"` + + // (String) Project host type. + // Project host type. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type SourceParameters struct { + // (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) // Configuration for the source of the Cloudflare Pages project. // +kubebuilder:validation:Optional Config []ConfigParameters `json:"config,omitempty" tf:"config,omitempty"` + // (String) Project host type. // Project host type. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` @@ -231,6 +641,17 @@ type SourceParameters struct { type ProjectSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ProjectParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ProjectInitParameters `json:"initProvider,omitempty"` } // ProjectStatus defines the observed state of Project. @@ -240,19 +661,22 @@ type ProjectStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Project is the Schema for the Projects API. +// Project is the Schema for the Projects API. Provides a resource which manages Cloudflare Pages projects. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Project struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ProjectSpec `json:"spec"` - Status ProjectStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.productionBranch) || (has(self.initProvider) && has(self.initProvider.productionBranch))",message="spec.forProvider.productionBranch is a required parameter" + Spec ProjectSpec `json:"spec"` + Status ProjectStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/ruleset/v1alpha1/zz_generated.conversion_hubs.go b/apis/ruleset/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..7df1da5 --- /dev/null +++ b/apis/ruleset/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Ruleset) Hub() {} diff --git a/apis/ruleset/v1alpha1/zz_generated.deepcopy.go b/apis/ruleset/v1alpha1/zz_generated.deepcopy.go index f9ac541..275c0ce 100644 --- a/apis/ruleset/v1alpha1/zz_generated.deepcopy.go +++ b/apis/ruleset/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -15,29 +14,7 @@ import ( ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActionParametersObservation) DeepCopyInto(out *ActionParametersObservation) { - *out = *in - if in.Overrides != nil { - in, out := &in.Overrides, &out.Overrides - *out = make([]OverridesObservation, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionParametersObservation. -func (in *ActionParametersObservation) DeepCopy() *ActionParametersObservation { - if in == nil { - return nil - } - out := new(ActionParametersObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParameters) { +func (in *ActionParametersInitParameters) DeepCopyInto(out *ActionParametersInitParameters) { *out = *in if in.AutomaticHTTPSRewrites != nil { in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites @@ -46,7 +23,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.Autominify != nil { in, out := &in.Autominify, &out.Autominify - *out = make([]AutominifyParameters, len(*in)) + *out = make([]AutominifyInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -58,7 +35,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.BrowserTTL != nil { in, out := &in.BrowserTTL, &out.BrowserTTL - *out = make([]BrowserTTLParameters, len(*in)) + *out = make([]BrowserTTLInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -70,7 +47,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.CacheKey != nil { in, out := &in.CacheKey, &out.CacheKey - *out = make([]CacheKeyParameters, len(*in)) + *out = make([]CacheKeyInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -113,7 +90,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.EdgeTTL != nil { in, out := &in.EdgeTTL, &out.EdgeTTL - *out = make([]EdgeTTLParameters, len(*in)) + *out = make([]EdgeTTLInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -125,21 +102,21 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.FromList != nil { in, out := &in.FromList, &out.FromList - *out = make([]FromListParameters, len(*in)) + *out = make([]FromListInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.FromValue != nil { in, out := &in.FromValue, &out.FromValue - *out = make([]FromValueParameters, len(*in)) + *out = make([]FromValueInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.Headers != nil { in, out := &in.Headers, &out.Headers - *out = make([]HeadersParameters, len(*in)) + *out = make([]HeadersInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -166,7 +143,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.MatchedData != nil { in, out := &in.MatchedData, &out.MatchedData - *out = make([]MatchedDataParameters, len(*in)) + *out = make([]MatchedDataInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -183,7 +160,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.Origin != nil { in, out := &in.Origin, &out.Origin - *out = make([]OriginParameters, len(*in)) + *out = make([]OriginInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -195,7 +172,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.Overrides != nil { in, out := &in.Overrides, &out.Overrides - *out = make([]OverridesParameters, len(*in)) + *out = make([]OverridesInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -245,7 +222,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.Response != nil { in, out := &in.Response, &out.Response - *out = make([]ResponseParameters, len(*in)) + *out = make([]ResponseInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -274,7 +251,8 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -309,7 +287,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.ServeStale != nil { in, out := &in.ServeStale, &out.ServeStale - *out = make([]ServeStaleParameters, len(*in)) + *out = make([]ServeStaleInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -321,7 +299,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.Sni != nil { in, out := &in.Sni, &out.Sni - *out = make([]SniParameters, len(*in)) + *out = make([]SniInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -338,7 +316,7 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } if in.URI != nil { in, out := &in.URI, &out.URI - *out = make([]URIParameters, len(*in)) + *out = make([]URIInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -350,199 +328,1070 @@ func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParamete } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionParametersParameters. -func (in *ActionParametersParameters) DeepCopy() *ActionParametersParameters { - if in == nil { - return nil - } - out := new(ActionParametersParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AutominifyObservation) DeepCopyInto(out *AutominifyObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutominifyObservation. -func (in *AutominifyObservation) DeepCopy() *AutominifyObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionParametersInitParameters. +func (in *ActionParametersInitParameters) DeepCopy() *ActionParametersInitParameters { if in == nil { return nil } - out := new(AutominifyObservation) + out := new(ActionParametersInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AutominifyParameters) DeepCopyInto(out *AutominifyParameters) { +func (in *ActionParametersObservation) DeepCopyInto(out *ActionParametersObservation) { *out = *in - if in.CSS != nil { - in, out := &in.CSS, &out.CSS + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites *out = new(bool) **out = **in } - if in.HTML != nil { - in, out := &in.HTML, &out.HTML + if in.Autominify != nil { + in, out := &in.Autominify, &out.Autominify + *out = make([]AutominifyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Bic != nil { + in, out := &in.Bic, &out.Bic *out = new(bool) **out = **in } - if in.Js != nil { - in, out := &in.Js, &out.Js + if in.BrowserTTL != nil { + in, out := &in.BrowserTTL, &out.BrowserTTL + *out = make([]BrowserTTLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Cache != nil { + in, out := &in.Cache, &out.Cache *out = new(bool) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutominifyParameters. -func (in *AutominifyParameters) DeepCopy() *AutominifyParameters { - if in == nil { - return nil - } - out := new(AutominifyParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BrowserTTLObservation) DeepCopyInto(out *BrowserTTLObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BrowserTTLObservation. -func (in *BrowserTTLObservation) DeepCopy() *BrowserTTLObservation { - if in == nil { - return nil + if in.CacheKey != nil { + in, out := &in.CacheKey, &out.CacheKey + *out = make([]CacheKeyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(BrowserTTLObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BrowserTTLParameters) DeepCopyInto(out *BrowserTTLParameters) { - *out = *in - if in.Default != nil { - in, out := &in.Default, &out.Default - *out = new(float64) + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) **out = **in } - if in.Mode != nil { - in, out := &in.Mode, &out.Mode + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BrowserTTLParameters. -func (in *BrowserTTLParameters) DeepCopy() *BrowserTTLParameters { - if in == nil { - return nil + if in.CookieFields != nil { + in, out := &in.CookieFields, &out.CookieFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - out := new(BrowserTTLParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheKeyObservation) DeepCopyInto(out *CacheKeyObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyObservation. -func (in *CacheKeyObservation) DeepCopy() *CacheKeyObservation { - if in == nil { - return nil + if in.DisableApps != nil { + in, out := &in.DisableApps, &out.DisableApps + *out = new(bool) + **out = **in } - out := new(CacheKeyObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CacheKeyParameters) DeepCopyInto(out *CacheKeyParameters) { - *out = *in - if in.CacheByDeviceType != nil { - in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + if in.DisableRailgun != nil { + in, out := &in.DisableRailgun, &out.DisableRailgun *out = new(bool) **out = **in } - if in.CacheDeceptionArmor != nil { - in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + if in.DisableZaraz != nil { + in, out := &in.DisableZaraz, &out.DisableZaraz *out = new(bool) **out = **in } - if in.CustomKey != nil { - in, out := &in.CustomKey, &out.CustomKey - *out = make([]CustomKeyParameters, len(*in)) + if in.EdgeTTL != nil { + in, out := &in.EdgeTTL, &out.EdgeTTL + *out = make([]EdgeTTLObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.IgnoreQueryStringsOrder != nil { - in, out := &in.IgnoreQueryStringsOrder, &out.IgnoreQueryStringsOrder + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation *out = new(bool) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyParameters. -func (in *CacheKeyParameters) DeepCopy() *CacheKeyParameters { - if in == nil { - return nil + if in.FromList != nil { + in, out := &in.FromList, &out.FromList + *out = make([]FromListObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(CacheKeyParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CategoriesObservation) DeepCopyInto(out *CategoriesObservation) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) - **out = **in + if in.FromValue != nil { + in, out := &in.FromValue, &out.FromValue + *out = make([]FromValueObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoriesObservation. -func (in *CategoriesObservation) DeepCopy() *CategoriesObservation { - if in == nil { - return nil + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]HeadersObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(CategoriesObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CategoriesParameters) DeepCopyInto(out *CategoriesParameters) { - *out = *in - if in.Action != nil { - in, out := &in.Action, &out.Action + if in.HostHeader != nil { + in, out := &in.HostHeader, &out.HostHeader *out = new(string) **out = **in } - if in.Category != nil { - in, out := &in.Category, &out.Category - *out = new(string) + if in.HotlinkProtection != nil { + in, out := &in.HotlinkProtection, &out.HotlinkProtection + *out = new(bool) **out = **in } - if in.Status != nil { - in, out := &in.Status, &out.Status + if in.ID != nil { + in, out := &in.ID, &out.ID *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoriesParameters. -func (in *CategoriesParameters) DeepCopy() *CategoriesParameters { - if in == nil { - return nil + if in.Increment != nil { + in, out := &in.Increment, &out.Increment + *out = new(float64) + **out = **in } - out := new(CategoriesParameters) + if in.MatchedData != nil { + in, out := &in.MatchedData, &out.MatchedData + *out = make([]MatchedDataObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(bool) + **out = **in + } + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(bool) + **out = **in + } + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = make([]OriginObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginErrorPagePassthru != nil { + in, out := &in.OriginErrorPagePassthru, &out.OriginErrorPagePassthru + *out = new(bool) + **out = **in + } + if in.Overrides != nil { + in, out := &in.Overrides, &out.Overrides + *out = make([]OverridesObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Phases != nil { + in, out := &in.Phases, &out.Phases + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.Products != nil { + in, out := &in.Products, &out.Products + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RequestFields != nil { + in, out := &in.RequestFields, &out.RequestFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RespectStrongEtags != nil { + in, out := &in.RespectStrongEtags, &out.RespectStrongEtags + *out = new(bool) + **out = **in + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]ResponseObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResponseFields != nil { + in, out := &in.ResponseFields, &out.ResponseFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(bool) + **out = **in + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Ruleset != nil { + in, out := &in.Ruleset, &out.Ruleset + *out = new(string) + **out = **in + } + if in.Rulesets != nil { + in, out := &in.Rulesets, &out.Rulesets + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServeStale != nil { + in, out := &in.ServeStale, &out.ServeStale + *out = make([]ServeStaleObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServerSideExcludes != nil { + in, out := &in.ServerSideExcludes, &out.ServerSideExcludes + *out = new(bool) + **out = **in + } + if in.Sni != nil { + in, out := &in.Sni, &out.Sni + *out = make([]SniObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.Sxg != nil { + in, out := &in.Sxg, &out.Sxg + *out = new(bool) + **out = **in + } + if in.URI != nil { + in, out := &in.URI, &out.URI + *out = make([]URIObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionParametersObservation. +func (in *ActionParametersObservation) DeepCopy() *ActionParametersObservation { + if in == nil { + return nil + } + out := new(ActionParametersObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActionParametersParameters) DeepCopyInto(out *ActionParametersParameters) { + *out = *in + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(bool) + **out = **in + } + if in.Autominify != nil { + in, out := &in.Autominify, &out.Autominify + *out = make([]AutominifyParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Bic != nil { + in, out := &in.Bic, &out.Bic + *out = new(bool) + **out = **in + } + if in.BrowserTTL != nil { + in, out := &in.BrowserTTL, &out.BrowserTTL + *out = make([]BrowserTTLParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Cache != nil { + in, out := &in.Cache, &out.Cache + *out = new(bool) + **out = **in + } + if in.CacheKey != nil { + in, out := &in.CacheKey, &out.CacheKey + *out = make([]CacheKeyParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } + if in.CookieFields != nil { + in, out := &in.CookieFields, &out.CookieFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.DisableApps != nil { + in, out := &in.DisableApps, &out.DisableApps + *out = new(bool) + **out = **in + } + if in.DisableRailgun != nil { + in, out := &in.DisableRailgun, &out.DisableRailgun + *out = new(bool) + **out = **in + } + if in.DisableZaraz != nil { + in, out := &in.DisableZaraz, &out.DisableZaraz + *out = new(bool) + **out = **in + } + if in.EdgeTTL != nil { + in, out := &in.EdgeTTL, &out.EdgeTTL + *out = make([]EdgeTTLParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(bool) + **out = **in + } + if in.FromList != nil { + in, out := &in.FromList, &out.FromList + *out = make([]FromListParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.FromValue != nil { + in, out := &in.FromValue, &out.FromValue + *out = make([]FromValueParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]HeadersParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.HostHeader != nil { + in, out := &in.HostHeader, &out.HostHeader + *out = new(string) + **out = **in + } + if in.HotlinkProtection != nil { + in, out := &in.HotlinkProtection, &out.HotlinkProtection + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Increment != nil { + in, out := &in.Increment, &out.Increment + *out = new(float64) + **out = **in + } + if in.MatchedData != nil { + in, out := &in.MatchedData, &out.MatchedData + *out = make([]MatchedDataParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(bool) + **out = **in + } + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(bool) + **out = **in + } + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = make([]OriginParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginErrorPagePassthru != nil { + in, out := &in.OriginErrorPagePassthru, &out.OriginErrorPagePassthru + *out = new(bool) + **out = **in + } + if in.Overrides != nil { + in, out := &in.Overrides, &out.Overrides + *out = make([]OverridesParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Phases != nil { + in, out := &in.Phases, &out.Phases + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.Products != nil { + in, out := &in.Products, &out.Products + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RequestFields != nil { + in, out := &in.RequestFields, &out.RequestFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RespectStrongEtags != nil { + in, out := &in.RespectStrongEtags, &out.RespectStrongEtags + *out = new(bool) + **out = **in + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]ResponseParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResponseFields != nil { + in, out := &in.ResponseFields, &out.ResponseFields + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(bool) + **out = **in + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Ruleset != nil { + in, out := &in.Ruleset, &out.Ruleset + *out = new(string) + **out = **in + } + if in.Rulesets != nil { + in, out := &in.Rulesets, &out.Rulesets + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServeStale != nil { + in, out := &in.ServeStale, &out.ServeStale + *out = make([]ServeStaleParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServerSideExcludes != nil { + in, out := &in.ServerSideExcludes, &out.ServerSideExcludes + *out = new(bool) + **out = **in + } + if in.Sni != nil { + in, out := &in.Sni, &out.Sni + *out = make([]SniParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.Sxg != nil { + in, out := &in.Sxg, &out.Sxg + *out = new(bool) + **out = **in + } + if in.URI != nil { + in, out := &in.URI, &out.URI + *out = make([]URIParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionParametersParameters. +func (in *ActionParametersParameters) DeepCopy() *ActionParametersParameters { + if in == nil { + return nil + } + out := new(ActionParametersParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AutominifyInitParameters) DeepCopyInto(out *AutominifyInitParameters) { + *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(bool) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(bool) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutominifyInitParameters. +func (in *AutominifyInitParameters) DeepCopy() *AutominifyInitParameters { + if in == nil { + return nil + } + out := new(AutominifyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AutominifyObservation) DeepCopyInto(out *AutominifyObservation) { + *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(bool) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(bool) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutominifyObservation. +func (in *AutominifyObservation) DeepCopy() *AutominifyObservation { + if in == nil { + return nil + } + out := new(AutominifyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AutominifyParameters) DeepCopyInto(out *AutominifyParameters) { + *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(bool) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(bool) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutominifyParameters. +func (in *AutominifyParameters) DeepCopy() *AutominifyParameters { + if in == nil { + return nil + } + out := new(AutominifyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BrowserTTLInitParameters) DeepCopyInto(out *BrowserTTLInitParameters) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(float64) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BrowserTTLInitParameters. +func (in *BrowserTTLInitParameters) DeepCopy() *BrowserTTLInitParameters { + if in == nil { + return nil + } + out := new(BrowserTTLInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BrowserTTLObservation) DeepCopyInto(out *BrowserTTLObservation) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(float64) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BrowserTTLObservation. +func (in *BrowserTTLObservation) DeepCopy() *BrowserTTLObservation { + if in == nil { + return nil + } + out := new(BrowserTTLObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BrowserTTLParameters) DeepCopyInto(out *BrowserTTLParameters) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(float64) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BrowserTTLParameters. +func (in *BrowserTTLParameters) DeepCopy() *BrowserTTLParameters { + if in == nil { + return nil + } + out := new(BrowserTTLParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyInitParameters) DeepCopyInto(out *CacheKeyInitParameters) { + *out = *in + if in.CacheByDeviceType != nil { + in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + *out = new(bool) + **out = **in + } + if in.CacheDeceptionArmor != nil { + in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + *out = new(bool) + **out = **in + } + if in.CustomKey != nil { + in, out := &in.CustomKey, &out.CustomKey + *out = make([]CustomKeyInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoreQueryStringsOrder != nil { + in, out := &in.IgnoreQueryStringsOrder, &out.IgnoreQueryStringsOrder + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyInitParameters. +func (in *CacheKeyInitParameters) DeepCopy() *CacheKeyInitParameters { + if in == nil { + return nil + } + out := new(CacheKeyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyObservation) DeepCopyInto(out *CacheKeyObservation) { + *out = *in + if in.CacheByDeviceType != nil { + in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + *out = new(bool) + **out = **in + } + if in.CacheDeceptionArmor != nil { + in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + *out = new(bool) + **out = **in + } + if in.CustomKey != nil { + in, out := &in.CustomKey, &out.CustomKey + *out = make([]CustomKeyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoreQueryStringsOrder != nil { + in, out := &in.IgnoreQueryStringsOrder, &out.IgnoreQueryStringsOrder + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyObservation. +func (in *CacheKeyObservation) DeepCopy() *CacheKeyObservation { + if in == nil { + return nil + } + out := new(CacheKeyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CacheKeyParameters) DeepCopyInto(out *CacheKeyParameters) { + *out = *in + if in.CacheByDeviceType != nil { + in, out := &in.CacheByDeviceType, &out.CacheByDeviceType + *out = new(bool) + **out = **in + } + if in.CacheDeceptionArmor != nil { + in, out := &in.CacheDeceptionArmor, &out.CacheDeceptionArmor + *out = new(bool) + **out = **in + } + if in.CustomKey != nil { + in, out := &in.CustomKey, &out.CustomKey + *out = make([]CustomKeyParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoreQueryStringsOrder != nil { + in, out := &in.IgnoreQueryStringsOrder, &out.IgnoreQueryStringsOrder + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CacheKeyParameters. +func (in *CacheKeyParameters) DeepCopy() *CacheKeyParameters { + if in == nil { + return nil + } + out := new(CacheKeyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CategoriesInitParameters) DeepCopyInto(out *CategoriesInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Category != nil { + in, out := &in.Category, &out.Category + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoriesInitParameters. +func (in *CategoriesInitParameters) DeepCopy() *CategoriesInitParameters { + if in == nil { + return nil + } + out := new(CategoriesInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CategoriesObservation) DeepCopyInto(out *CategoriesObservation) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Category != nil { + in, out := &in.Category, &out.Category + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoriesObservation. +func (in *CategoriesObservation) DeepCopy() *CategoriesObservation { + if in == nil { + return nil + } + out := new(CategoriesObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CategoriesParameters) DeepCopyInto(out *CategoriesParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Category != nil { + in, out := &in.Category, &out.Category + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoriesParameters. +func (in *CategoriesParameters) DeepCopy() *CategoriesParameters { + if in == nil { + return nil + } + out := new(CategoriesParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CookieInitParameters) DeepCopyInto(out *CookieInitParameters) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieInitParameters. +func (in *CookieInitParameters) DeepCopy() *CookieInitParameters { + if in == nil { + return nil + } + out := new(CookieInitParameters) in.DeepCopyInto(out) return out } @@ -550,6 +1399,28 @@ func (in *CategoriesParameters) DeepCopy() *CategoriesParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CookieObservation) DeepCopyInto(out *CookieObservation) { *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieObservation. @@ -576,34 +1447,119 @@ func (in *CookieParameters) DeepCopyInto(out *CookieParameters) { } } } - if in.Include != nil { - in, out := &in.Include, &out.Include - *out = make([]*string, len(*in)) + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieParameters. +func (in *CookieParameters) DeepCopy() *CookieParameters { + if in == nil { + return nil + } + out := new(CookieParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomKeyInitParameters) DeepCopyInto(out *CustomKeyInitParameters) { + *out = *in + if in.Cookie != nil { + in, out := &in.Cookie, &out.Cookie + *out = make([]CookieInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = make([]HostInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryString != nil { + in, out := &in.QueryString, &out.QueryString + *out = make([]QueryStringInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.User != nil { + in, out := &in.User, &out.User + *out = make([]UserInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyInitParameters. +func (in *CustomKeyInitParameters) DeepCopy() *CustomKeyInitParameters { + if in == nil { + return nil + } + out := new(CustomKeyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomKeyObservation) DeepCopyInto(out *CustomKeyObservation) { + *out = *in + if in.Cookie != nil { + in, out := &in.Cookie, &out.Cookie + *out = make([]CookieObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = make([]HostObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryString != nil { + in, out := &in.QueryString, &out.QueryString + *out = make([]QueryStringObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.User != nil { + in, out := &in.User, &out.User + *out = make([]UserObservation, len(*in)) for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } + (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CookieParameters. -func (in *CookieParameters) DeepCopy() *CookieParameters { - if in == nil { - return nil - } - out := new(CookieParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CustomKeyObservation) DeepCopyInto(out *CustomKeyObservation) { - *out = *in -} - // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyObservation. func (in *CustomKeyObservation) DeepCopy() *CustomKeyObservation { if in == nil { @@ -664,9 +1620,58 @@ func (in *CustomKeyParameters) DeepCopy() *CustomKeyParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EdgeTTLInitParameters) DeepCopyInto(out *EdgeTTLInitParameters) { + *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(float64) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.StatusCodeTTL != nil { + in, out := &in.StatusCodeTTL, &out.StatusCodeTTL + *out = make([]StatusCodeTTLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EdgeTTLInitParameters. +func (in *EdgeTTLInitParameters) DeepCopy() *EdgeTTLInitParameters { + if in == nil { + return nil + } + out := new(EdgeTTLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EdgeTTLObservation) DeepCopyInto(out *EdgeTTLObservation) { *out = *in + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(float64) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.StatusCodeTTL != nil { + in, out := &in.StatusCodeTTL, &out.StatusCodeTTL + *out = make([]StatusCodeTTLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EdgeTTLObservation. @@ -711,9 +1716,44 @@ func (in *EdgeTTLParameters) DeepCopy() *EdgeTTLParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExposedCredentialCheckInitParameters) DeepCopyInto(out *ExposedCredentialCheckInitParameters) { + *out = *in + if in.PasswordExpression != nil { + in, out := &in.PasswordExpression, &out.PasswordExpression + *out = new(string) + **out = **in + } + if in.UsernameExpression != nil { + in, out := &in.UsernameExpression, &out.UsernameExpression + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExposedCredentialCheckInitParameters. +func (in *ExposedCredentialCheckInitParameters) DeepCopy() *ExposedCredentialCheckInitParameters { + if in == nil { + return nil + } + out := new(ExposedCredentialCheckInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExposedCredentialCheckObservation) DeepCopyInto(out *ExposedCredentialCheckObservation) { *out = *in + if in.PasswordExpression != nil { + in, out := &in.PasswordExpression, &out.PasswordExpression + *out = new(string) + **out = **in + } + if in.UsernameExpression != nil { + in, out := &in.UsernameExpression, &out.UsernameExpression + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExposedCredentialCheckObservation. @@ -751,9 +1791,44 @@ func (in *ExposedCredentialCheckParameters) DeepCopy() *ExposedCredentialCheckPa return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FromListInitParameters) DeepCopyInto(out *FromListInitParameters) { + *out = *in + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromListInitParameters. +func (in *FromListInitParameters) DeepCopy() *FromListInitParameters { + if in == nil { + return nil + } + out := new(FromListInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FromListObservation) DeepCopyInto(out *FromListObservation) { *out = *in + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromListObservation. @@ -791,9 +1866,58 @@ func (in *FromListParameters) DeepCopy() *FromListParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FromValueInitParameters) DeepCopyInto(out *FromValueInitParameters) { + *out = *in + if in.PreserveQueryString != nil { + in, out := &in.PreserveQueryString, &out.PreserveQueryString + *out = new(bool) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.TargetURL != nil { + in, out := &in.TargetURL, &out.TargetURL + *out = make([]TargetURLInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromValueInitParameters. +func (in *FromValueInitParameters) DeepCopy() *FromValueInitParameters { + if in == nil { + return nil + } + out := new(FromValueInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FromValueObservation) DeepCopyInto(out *FromValueObservation) { *out = *in + if in.PreserveQueryString != nil { + in, out := &in.PreserveQueryString, &out.PreserveQueryString + *out = new(bool) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.TargetURL != nil { + in, out := &in.TargetURL, &out.TargetURL + *out = make([]TargetURLObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromValueObservation. @@ -828,21 +1952,90 @@ func (in *FromValueParameters) DeepCopyInto(out *FromValueParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromValueParameters. -func (in *FromValueParameters) DeepCopy() *FromValueParameters { - if in == nil { - return nil - } - out := new(FromValueParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { - *out = *in -} - +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromValueParameters. +func (in *FromValueParameters) DeepCopy() *FromValueParameters { + if in == nil { + return nil + } + out := new(FromValueParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderInitParameters) DeepCopyInto(out *HeaderInitParameters) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ExcludeOrigin != nil { + in, out := &in.ExcludeOrigin, &out.ExcludeOrigin + *out = new(bool) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderInitParameters. +func (in *HeaderInitParameters) DeepCopy() *HeaderInitParameters { + if in == nil { + return nil + } + out := new(HeaderInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { + *out = *in + if in.CheckPresence != nil { + in, out := &in.CheckPresence, &out.CheckPresence + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ExcludeOrigin != nil { + in, out := &in.ExcludeOrigin, &out.ExcludeOrigin + *out = new(bool) + **out = **in + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderObservation. func (in *HeaderObservation) DeepCopy() *HeaderObservation { if in == nil { @@ -895,9 +2088,64 @@ func (in *HeaderParameters) DeepCopy() *HeaderParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeadersInitParameters) DeepCopyInto(out *HeadersInitParameters) { + *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Operation != nil { + in, out := &in.Operation, &out.Operation + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersInitParameters. +func (in *HeadersInitParameters) DeepCopy() *HeadersInitParameters { + if in == nil { + return nil + } + out := new(HeadersInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HeadersObservation) DeepCopyInto(out *HeadersObservation) { *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Operation != nil { + in, out := &in.Operation, &out.Operation + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersObservation. @@ -945,9 +2193,34 @@ func (in *HeadersParameters) DeepCopy() *HeadersParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HostInitParameters) DeepCopyInto(out *HostInitParameters) { + *out = *in + if in.Resolved != nil { + in, out := &in.Resolved, &out.Resolved + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostInitParameters. +func (in *HostInitParameters) DeepCopy() *HostInitParameters { + if in == nil { + return nil + } + out := new(HostInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HostObservation) DeepCopyInto(out *HostObservation) { *out = *in + if in.Resolved != nil { + in, out := &in.Resolved, &out.Resolved + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostObservation. @@ -980,6 +2253,26 @@ func (in *HostParameters) DeepCopy() *HostParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoggingInitParameters) DeepCopyInto(out *LoggingInitParameters) { + *out = *in + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggingInitParameters. +func (in *LoggingInitParameters) DeepCopy() *LoggingInitParameters { + if in == nil { + return nil + } + out := new(LoggingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LoggingObservation) DeepCopyInto(out *LoggingObservation) { *out = *in @@ -988,6 +2281,11 @@ func (in *LoggingObservation) DeepCopyInto(out *LoggingObservation) { *out = new(bool) **out = **in } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggingObservation. @@ -1020,9 +2318,34 @@ func (in *LoggingParameters) DeepCopy() *LoggingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchedDataInitParameters) DeepCopyInto(out *MatchedDataInitParameters) { + *out = *in + if in.PublicKey != nil { + in, out := &in.PublicKey, &out.PublicKey + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchedDataInitParameters. +func (in *MatchedDataInitParameters) DeepCopy() *MatchedDataInitParameters { + if in == nil { + return nil + } + out := new(MatchedDataInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MatchedDataObservation) DeepCopyInto(out *MatchedDataObservation) { *out = *in + if in.PublicKey != nil { + in, out := &in.PublicKey, &out.PublicKey + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchedDataObservation. @@ -1055,9 +2378,44 @@ func (in *MatchedDataParameters) DeepCopy() *MatchedDataParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginInitParameters) DeepCopyInto(out *OriginInitParameters) { + *out = *in + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginInitParameters. +func (in *OriginInitParameters) DeepCopy() *OriginInitParameters { + if in == nil { + return nil + } + out := new(OriginInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OriginObservation) DeepCopyInto(out *OriginObservation) { *out = *in + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginObservation. @@ -1095,9 +2453,58 @@ func (in *OriginParameters) DeepCopy() *OriginParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverridesInitParameters) DeepCopyInto(out *OverridesInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Categories != nil { + in, out := &in.Categories, &out.Categories + *out = make([]CategoriesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]OverridesRulesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SensitivityLevel != nil { + in, out := &in.SensitivityLevel, &out.SensitivityLevel + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesInitParameters. +func (in *OverridesInitParameters) DeepCopy() *OverridesInitParameters { + if in == nil { + return nil + } + out := new(OverridesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesObservation) DeepCopyInto(out *OverridesObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } if in.Categories != nil { in, out := &in.Categories, &out.Categories *out = make([]CategoriesObservation, len(*in)) @@ -1117,39 +2524,89 @@ func (in *OverridesObservation) DeepCopyInto(out *OverridesObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.SensitivityLevel != nil { + in, out := &in.SensitivityLevel, &out.SensitivityLevel + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesObservation. +func (in *OverridesObservation) DeepCopy() *OverridesObservation { + if in == nil { + return nil + } + out := new(OverridesObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverridesParameters) DeepCopyInto(out *OverridesParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Categories != nil { + in, out := &in.Categories, &out.Categories + *out = make([]CategoriesParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]OverridesRulesParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SensitivityLevel != nil { + in, out := &in.SensitivityLevel, &out.SensitivityLevel + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesObservation. -func (in *OverridesObservation) DeepCopy() *OverridesObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesParameters. +func (in *OverridesParameters) DeepCopy() *OverridesParameters { if in == nil { return nil } - out := new(OverridesObservation) + out := new(OverridesParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OverridesParameters) DeepCopyInto(out *OverridesParameters) { +func (in *OverridesRulesInitParameters) DeepCopyInto(out *OverridesRulesInitParameters) { *out = *in if in.Action != nil { in, out := &in.Action, &out.Action *out = new(string) **out = **in } - if in.Categories != nil { - in, out := &in.Categories, &out.Categories - *out = make([]CategoriesParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in } - if in.Rules != nil { - in, out := &in.Rules, &out.Rules - *out = make([]OverridesRulesParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.ScoreThreshold != nil { + in, out := &in.ScoreThreshold, &out.ScoreThreshold + *out = new(float64) + **out = **in } if in.SensitivityLevel != nil { in, out := &in.SensitivityLevel, &out.SensitivityLevel @@ -1163,12 +2620,12 @@ func (in *OverridesParameters) DeepCopyInto(out *OverridesParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesParameters. -func (in *OverridesParameters) DeepCopy() *OverridesParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRulesInitParameters. +func (in *OverridesRulesInitParameters) DeepCopy() *OverridesRulesInitParameters { if in == nil { return nil } - out := new(OverridesParameters) + out := new(OverridesRulesInitParameters) in.DeepCopyInto(out) return out } @@ -1176,11 +2633,36 @@ func (in *OverridesParameters) DeepCopy() *OverridesParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverridesRulesObservation) DeepCopyInto(out *OverridesRulesObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } if in.Enabled != nil { in, out := &in.Enabled, &out.Enabled *out = new(bool) **out = **in } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.ScoreThreshold != nil { + in, out := &in.ScoreThreshold, &out.ScoreThreshold + *out = new(float64) + **out = **in + } + if in.SensitivityLevel != nil { + in, out := &in.SensitivityLevel, &out.SensitivityLevel + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverridesRulesObservation. @@ -1233,9 +2715,44 @@ func (in *OverridesRulesParameters) DeepCopy() *OverridesRulesParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PathInitParameters) DeepCopyInto(out *PathInitParameters) { + *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathInitParameters. +func (in *PathInitParameters) DeepCopy() *PathInitParameters { + if in == nil { + return nil + } + out := new(PathInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PathObservation) DeepCopyInto(out *PathObservation) { *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathObservation. @@ -1273,9 +2790,44 @@ func (in *PathParameters) DeepCopy() *PathParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueryInitParameters) DeepCopyInto(out *QueryInitParameters) { + *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryInitParameters. +func (in *QueryInitParameters) DeepCopy() *QueryInitParameters { + if in == nil { + return nil + } + out := new(QueryInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *QueryObservation) DeepCopyInto(out *QueryObservation) { *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryObservation. @@ -1313,9 +2865,68 @@ func (in *QueryParameters) DeepCopy() *QueryParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueryStringInitParameters) DeepCopyInto(out *QueryStringInitParameters) { + *out = *in + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringInitParameters. +func (in *QueryStringInitParameters) DeepCopy() *QueryStringInitParameters { + if in == nil { + return nil + } + out := new(QueryStringInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *QueryStringObservation) DeepCopyInto(out *QueryStringObservation) { *out = *in + if in.Exclude != nil { + in, out := &in.Exclude, &out.Exclude + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringObservation. @@ -1353,21 +2964,108 @@ func (in *QueryStringParameters) DeepCopyInto(out *QueryStringParameters) { } } } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringParameters. -func (in *QueryStringParameters) DeepCopy() *QueryStringParameters { - if in == nil { - return nil +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStringParameters. +func (in *QueryStringParameters) DeepCopy() *QueryStringParameters { + if in == nil { + return nil + } + out := new(QueryStringParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RatelimitInitParameters) DeepCopyInto(out *RatelimitInitParameters) { + *out = *in + if in.Characteristics != nil { + in, out := &in.Characteristics, &out.Characteristics + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CountingExpression != nil { + in, out := &in.CountingExpression, &out.CountingExpression + *out = new(string) + **out = **in + } + if in.MitigationTimeout != nil { + in, out := &in.MitigationTimeout, &out.MitigationTimeout + *out = new(float64) + **out = **in + } + if in.Period != nil { + in, out := &in.Period, &out.Period + *out = new(float64) + **out = **in + } + if in.RequestsPerPeriod != nil { + in, out := &in.RequestsPerPeriod, &out.RequestsPerPeriod + *out = new(float64) + **out = **in + } + if in.RequestsToOrigin != nil { + in, out := &in.RequestsToOrigin, &out.RequestsToOrigin + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RatelimitInitParameters. +func (in *RatelimitInitParameters) DeepCopy() *RatelimitInitParameters { + if in == nil { + return nil + } + out := new(RatelimitInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RatelimitObservation) DeepCopyInto(out *RatelimitObservation) { + *out = *in + if in.Characteristics != nil { + in, out := &in.Characteristics, &out.Characteristics + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CountingExpression != nil { + in, out := &in.CountingExpression, &out.CountingExpression + *out = new(string) + **out = **in + } + if in.MitigationTimeout != nil { + in, out := &in.MitigationTimeout, &out.MitigationTimeout + *out = new(float64) + **out = **in + } + if in.Period != nil { + in, out := &in.Period, &out.Period + *out = new(float64) + **out = **in + } + if in.RequestsPerPeriod != nil { + in, out := &in.RequestsPerPeriod, &out.RequestsPerPeriod + *out = new(float64) + **out = **in + } + if in.RequestsToOrigin != nil { + in, out := &in.RequestsToOrigin, &out.RequestsToOrigin + *out = new(bool) + **out = **in } - out := new(QueryStringParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RatelimitObservation) DeepCopyInto(out *RatelimitObservation) { - *out = *in } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RatelimitObservation. @@ -1431,9 +3129,54 @@ func (in *RatelimitParameters) DeepCopy() *RatelimitParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResponseInitParameters) DeepCopyInto(out *ResponseInitParameters) { + *out = *in + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseInitParameters. +func (in *ResponseInitParameters) DeepCopy() *ResponseInitParameters { + if in == nil { + return nil + } + out := new(ResponseInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResponseObservation) DeepCopyInto(out *ResponseObservation) { *out = *in + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseObservation. @@ -1476,9 +3219,77 @@ func (in *ResponseParameters) DeepCopy() *ResponseParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesInitParameters) DeepCopyInto(out *RulesInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.ActionParameters != nil { + in, out := &in.ActionParameters, &out.ActionParameters + *out = make([]ActionParametersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ExposedCredentialCheck != nil { + in, out := &in.ExposedCredentialCheck, &out.ExposedCredentialCheck + *out = make([]ExposedCredentialCheckInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Logging != nil { + in, out := &in.Logging, &out.Logging + *out = make([]LoggingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Ratelimit != nil { + in, out := &in.Ratelimit, &out.Ratelimit + *out = make([]RatelimitInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesInitParameters. +func (in *RulesInitParameters) DeepCopy() *RulesInitParameters { + if in == nil { + return nil + } + out := new(RulesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RulesObservation) DeepCopyInto(out *RulesObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } if in.ActionParameters != nil { in, out := &in.ActionParameters, &out.ActionParameters *out = make([]ActionParametersObservation, len(*in)) @@ -1486,6 +3297,28 @@ func (in *RulesObservation) DeepCopyInto(out *RulesObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ExposedCredentialCheck != nil { + in, out := &in.ExposedCredentialCheck, &out.ExposedCredentialCheck + *out = make([]ExposedCredentialCheckObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -1498,6 +3331,13 @@ func (in *RulesObservation) DeepCopyInto(out *RulesObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Ratelimit != nil { + in, out := &in.Ratelimit, &out.Ratelimit + *out = make([]RatelimitObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Ref != nil { in, out := &in.Ref, &out.Ref *out = new(string) @@ -1610,6 +3450,83 @@ func (in *Ruleset) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesetInitParameters) DeepCopyInto(out *RulesetInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Phase != nil { + in, out := &in.Phase, &out.Phase + *out = new(string) + **out = **in + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]RulesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ShareableEntitlementName != nil { + in, out := &in.ShareableEntitlementName, &out.ShareableEntitlementName + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesetInitParameters. +func (in *RulesetInitParameters) DeepCopy() *RulesetInitParameters { + if in == nil { + return nil + } + out := new(RulesetInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RulesetList) DeepCopyInto(out *RulesetList) { *out = *in @@ -1639,14 +3556,39 @@ func (in *RulesetList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RulesetObservation) DeepCopyInto(out *RulesetObservation) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesetObservation) DeepCopyInto(out *RulesetObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Phase != nil { + in, out := &in.Phase, &out.Phase *out = new(string) **out = **in } @@ -1657,6 +3599,16 @@ func (in *RulesetObservation) DeepCopyInto(out *RulesetObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.ShareableEntitlementName != nil { + in, out := &in.ShareableEntitlementName, &out.ShareableEntitlementName + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesetObservation. @@ -1751,6 +3703,7 @@ func (in *RulesetSpec) DeepCopyInto(out *RulesetSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesetSpec. @@ -1780,9 +3733,34 @@ func (in *RulesetStatus) DeepCopy() *RulesetStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServeStaleInitParameters) DeepCopyInto(out *ServeStaleInitParameters) { + *out = *in + if in.DisableStaleWhileUpdating != nil { + in, out := &in.DisableStaleWhileUpdating, &out.DisableStaleWhileUpdating + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServeStaleInitParameters. +func (in *ServeStaleInitParameters) DeepCopy() *ServeStaleInitParameters { + if in == nil { + return nil + } + out := new(ServeStaleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServeStaleObservation) DeepCopyInto(out *ServeStaleObservation) { *out = *in + if in.DisableStaleWhileUpdating != nil { + in, out := &in.DisableStaleWhileUpdating, &out.DisableStaleWhileUpdating + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServeStaleObservation. @@ -1815,9 +3793,34 @@ func (in *ServeStaleParameters) DeepCopy() *ServeStaleParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SniInitParameters) DeepCopyInto(out *SniInitParameters) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SniInitParameters. +func (in *SniInitParameters) DeepCopy() *SniInitParameters { + if in == nil { + return nil + } + out := new(SniInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SniObservation) DeepCopyInto(out *SniObservation) { *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SniObservation. @@ -1850,9 +3853,44 @@ func (in *SniParameters) DeepCopy() *SniParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *StatusCodeRangeInitParameters) DeepCopyInto(out *StatusCodeRangeInitParameters) { + *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = new(float64) + **out = **in + } + if in.To != nil { + in, out := &in.To, &out.To + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatusCodeRangeInitParameters. +func (in *StatusCodeRangeInitParameters) DeepCopy() *StatusCodeRangeInitParameters { + if in == nil { + return nil + } + out := new(StatusCodeRangeInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StatusCodeRangeObservation) DeepCopyInto(out *StatusCodeRangeObservation) { *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = new(float64) + **out = **in + } + if in.To != nil { + in, out := &in.To, &out.To + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatusCodeRangeObservation. @@ -1890,9 +3928,58 @@ func (in *StatusCodeRangeParameters) DeepCopy() *StatusCodeRangeParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *StatusCodeTTLInitParameters) DeepCopyInto(out *StatusCodeTTLInitParameters) { + *out = *in + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.StatusCodeRange != nil { + in, out := &in.StatusCodeRange, &out.StatusCodeRange + *out = make([]StatusCodeRangeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatusCodeTTLInitParameters. +func (in *StatusCodeTTLInitParameters) DeepCopy() *StatusCodeTTLInitParameters { + if in == nil { + return nil + } + out := new(StatusCodeTTLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StatusCodeTTLObservation) DeepCopyInto(out *StatusCodeTTLObservation) { *out = *in + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(float64) + **out = **in + } + if in.StatusCodeRange != nil { + in, out := &in.StatusCodeRange, &out.StatusCodeRange + *out = make([]StatusCodeRangeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatusCodeTTLObservation. @@ -1937,9 +4024,44 @@ func (in *StatusCodeTTLParameters) DeepCopy() *StatusCodeTTLParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetURLInitParameters) DeepCopyInto(out *TargetURLInitParameters) { + *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetURLInitParameters. +func (in *TargetURLInitParameters) DeepCopy() *TargetURLInitParameters { + if in == nil { + return nil + } + out := new(TargetURLInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TargetURLObservation) DeepCopyInto(out *TargetURLObservation) { *out = *in + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetURLObservation. @@ -1977,9 +4099,62 @@ func (in *TargetURLParameters) DeepCopy() *TargetURLParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *URIInitParameters) DeepCopyInto(out *URIInitParameters) { + *out = *in + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = new(bool) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = make([]PathInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Query != nil { + in, out := &in.Query, &out.Query + *out = make([]QueryInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URIInitParameters. +func (in *URIInitParameters) DeepCopy() *URIInitParameters { + if in == nil { + return nil + } + out := new(URIInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *URIObservation) DeepCopyInto(out *URIObservation) { *out = *in + if in.Origin != nil { + in, out := &in.Origin, &out.Origin + *out = new(bool) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = make([]PathObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Query != nil { + in, out := &in.Query, &out.Query + *out = make([]QueryObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URIObservation. @@ -2026,9 +4201,54 @@ func (in *URIParameters) DeepCopy() *URIParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInitParameters) DeepCopyInto(out *UserInitParameters) { + *out = *in + if in.DeviceType != nil { + in, out := &in.DeviceType, &out.DeviceType + *out = new(bool) + **out = **in + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = new(bool) + **out = **in + } + if in.Lang != nil { + in, out := &in.Lang, &out.Lang + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInitParameters. +func (in *UserInitParameters) DeepCopy() *UserInitParameters { + if in == nil { + return nil + } + out := new(UserInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserObservation) DeepCopyInto(out *UserObservation) { *out = *in + if in.DeviceType != nil { + in, out := &in.DeviceType, &out.DeviceType + *out = new(bool) + **out = **in + } + if in.Geo != nil { + in, out := &in.Geo, &out.Geo + *out = new(bool) + **out = **in + } + if in.Lang != nil { + in, out := &in.Lang, &out.Lang + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserObservation. diff --git a/apis/ruleset/v1alpha1/zz_generated.managed.go b/apis/ruleset/v1alpha1/zz_generated.managed.go index dfd2b21..f33cdb8 100644 --- a/apis/ruleset/v1alpha1/zz_generated.managed.go +++ b/apis/ruleset/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Ruleset) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Ruleset. +func (mg *Ruleset) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Ruleset. func (mg *Ruleset) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Ruleset. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Ruleset) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Ruleset. func (mg *Ruleset) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Ruleset) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Ruleset. +func (mg *Ruleset) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Ruleset. func (mg *Ruleset) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Ruleset. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Ruleset) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Ruleset. func (mg *Ruleset) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/ruleset/v1alpha1/zz_generated.resolvers.go b/apis/ruleset/v1alpha1/zz_generated.resolvers.go index 56256ba..2964ccf 100644 --- a/apis/ruleset/v1alpha1/zz_generated.resolvers.go +++ b/apis/ruleset/v1alpha1/zz_generated.resolvers.go @@ -53,5 +53,37 @@ func (mg *Ruleset) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/ruleset/v1alpha1/zz_groupversion_info.go b/apis/ruleset/v1alpha1/zz_groupversion_info.go index 334e1c7..fe8f131 100755 --- a/apis/ruleset/v1alpha1/zz_groupversion_info.go +++ b/apis/ruleset/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/ruleset/v1alpha1/zz_generated_terraformed.go b/apis/ruleset/v1alpha1/zz_ruleset_terraformed.go similarity index 69% rename from apis/ruleset/v1alpha1/zz_generated_terraformed.go rename to apis/ruleset/v1alpha1/zz_ruleset_terraformed.go index b3787d3..5ee699b 100755 --- a/apis/ruleset/v1alpha1/zz_generated_terraformed.go +++ b/apis/ruleset/v1alpha1/zz_ruleset_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Ruleset @@ -69,6 +74,46 @@ func (tr *Ruleset) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Ruleset +func (tr *Ruleset) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Ruleset +func (tr *Ruleset) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Ruleset using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Ruleset) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/ruleset/v1alpha1/zz_ruleset_types.go b/apis/ruleset/v1alpha1/zz_ruleset_types.go index 1ccd67b..4ab2fca 100755 --- a/apis/ruleset/v1alpha1/zz_ruleset_types.go +++ b/apis/ruleset/v1alpha1/zz_ruleset_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,690 +17,1947 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ActionParametersInitParameters struct { + + // (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + // Turn on or off Cloudflare Automatic HTTPS rewrites. + AutomaticHTTPSRewrites *bool `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + // Indicate which file extensions to minify automatically. + Autominify []AutominifyInitParameters `json:"autominify,omitempty" tf:"autominify,omitempty"` + + // (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + // Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + Bic *bool `json:"bic,omitempty" tf:"bic,omitempty"` + + // (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) + // List of browser TTL parameters to apply to the request. + BrowserTTL []BrowserTTLInitParameters `json:"browserTtl,omitempty" tf:"browser_ttl,omitempty"` + + // (Boolean) Whether to cache if expression matches. + // Whether to cache if expression matches. + Cache *bool `json:"cache,omitempty" tf:"cache,omitempty"` + + // (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) + // List of cache key parameters to apply to the request. + CacheKey []CacheKeyInitParameters `json:"cacheKey,omitempty" tf:"cache_key,omitempty"` + + // (String) Content of the custom error response. + // Content of the custom error response. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // Type of the custom error response. + // Content-Type of the custom error response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (Set of String) List of cookie values to include as part of custom fields logging. + // List of cookie values to include as part of custom fields logging. + // +listType=set + CookieFields []*string `json:"cookieFields,omitempty" tf:"cookie_fields,omitempty"` + + // (Boolean) Turn off all active Cloudflare Apps. + // Turn off all active Cloudflare Apps. + DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + + // (Boolean) Turn off railgun feature of the Cloudflare Speed app. + // Turn off railgun feature of the Cloudflare Speed app. + DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + + // (Boolean) Turn off zaraz feature. + // Turn off zaraz feature. + DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + + // (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) + // List of edge TTL parameters to apply to the request. + EdgeTTL []EdgeTTLInitParameters `json:"edgeTtl,omitempty" tf:"edge_ttl,omitempty"` + + // (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + // Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + EmailObfuscation *bool `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) + // Use a list to lookup information for the action. + FromList []FromListInitParameters `json:"fromList,omitempty" tf:"from_list,omitempty"` + + // (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) + // Use a value to lookup information for the action. + FromValue []FromValueInitParameters `json:"fromValue,omitempty" tf:"from_value,omitempty"` + + // (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + // List of HTTP header modifications to perform in the ruleset rule. + Headers []HeadersInitParameters `json:"headers,omitempty" tf:"headers,omitempty"` + + // (String) Host Header that request origin receives. + // Host Header that request origin receives. + HostHeader *string `json:"hostHeader,omitempty" tf:"host_header,omitempty"` + + // (Boolean) Turn on or off the hotlink protection feature. + // Turn on or off the hotlink protection feature. + HotlinkProtection *bool `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + + // (String) The ID of this resource. + // Identifier of the action parameter to modify. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Number) + Increment *float64 `json:"increment,omitempty" tf:"increment,omitempty"` + + // (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) + // List of properties to configure WAF payload logging. + MatchedData []MatchedDataInitParameters `json:"matchedData,omitempty" tf:"matched_data,omitempty"` + + // (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + // Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + Mirage *bool `json:"mirage,omitempty" tf:"mirage,omitempty"` + + // (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + // Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + OpportunisticEncryption *bool `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + // List of properties to change request origin. + Origin []OriginInitParameters `json:"origin,omitempty" tf:"origin,omitempty"` + + // through error page for origin. + // Pass-through error page for origin. + OriginErrorPagePassthru *bool `json:"originErrorPagePassthru,omitempty" tf:"origin_error_page_passthru,omitempty"` + + // (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) + // List of override configurations to apply to the ruleset. + Overrides []OverridesInitParameters `json:"overrides,omitempty" tf:"overrides,omitempty"` + + // (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + // +listType=set + Phases []*string `json:"phases,omitempty" tf:"phases,omitempty"` + + // (String) Apply options from the Polish feature of the Cloudflare Speed app. + // Apply options from the Polish feature of the Cloudflare Speed app. + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. + // Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. + // +listType=set + Products []*string `json:"products,omitempty" tf:"products,omitempty"` + + // (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + // List of request headers to include as part of custom fields logging, in lowercase. + // +listType=set + RequestFields []*string `json:"requestFields,omitempty" tf:"request_fields,omitempty"` + + // (Boolean) Respect strong ETags. + // Respect strong ETags. + RespectStrongEtags *bool `json:"respectStrongEtags,omitempty" tf:"respect_strong_etags,omitempty"` + + // (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + // List of parameters that configure the response given to end users. + Response []ResponseInitParameters `json:"response,omitempty" tf:"response,omitempty"` + + // (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + // List of response headers to include as part of custom fields logging, in lowercase. + // +listType=set + ResponseFields []*string `json:"responseFields,omitempty" tf:"response_fields,omitempty"` + + // (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + // Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + RocketLoader *bool `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) + // Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. + // +mapType=granular + Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Which ruleset ID to target. + // Which ruleset ID to target. + Ruleset *string `json:"ruleset,omitempty" tf:"ruleset,omitempty"` + + // (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + // List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. + // +listType=set + Rulesets []*string `json:"rulesets,omitempty" tf:"rulesets,omitempty"` + + // (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + // Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + // (String) Control options for the Security Level feature from the Security app. + // Control options for the Security Level feature from the Security app. + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) + // List of serve stale parameters to apply to the request. + ServeStale []ServeStaleInitParameters `json:"serveStale,omitempty" tf:"serve_stale,omitempty"` + + // (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + // Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + ServerSideExcludes *bool `json:"serverSideExcludes,omitempty" tf:"server_side_excludes,omitempty"` + + // (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) + // List of properties to manange Server Name Indication. + Sni []SniInitParameters `json:"sni,omitempty" tf:"sni,omitempty"` + + // (Number) HTTP status code of the custom error response. + // HTTP status code of the custom error response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Boolean) Turn on or off the SXG feature. + // Turn on or off the SXG feature. + Sxg *bool `json:"sxg,omitempty" tf:"sxg,omitempty"` + + // (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) + // List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. + URI []URIInitParameters `json:"uri,omitempty" tf:"uri,omitempty"` + + // (String) Version of the ruleset to deploy. + // Version of the ruleset to deploy. + Version *string `json:"version,omitempty" tf:"version,omitempty"` +} + type ActionParametersObservation struct { + // (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + // Turn on or off Cloudflare Automatic HTTPS rewrites. + AutomaticHTTPSRewrites *bool `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + // Indicate which file extensions to minify automatically. + Autominify []AutominifyObservation `json:"autominify,omitempty" tf:"autominify,omitempty"` + + // (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + // Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + Bic *bool `json:"bic,omitempty" tf:"bic,omitempty"` + + // (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) + // List of browser TTL parameters to apply to the request. + BrowserTTL []BrowserTTLObservation `json:"browserTtl,omitempty" tf:"browser_ttl,omitempty"` + + // (Boolean) Whether to cache if expression matches. + // Whether to cache if expression matches. + Cache *bool `json:"cache,omitempty" tf:"cache,omitempty"` + + // (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) + // List of cache key parameters to apply to the request. + CacheKey []CacheKeyObservation `json:"cacheKey,omitempty" tf:"cache_key,omitempty"` + + // (String) Content of the custom error response. + // Content of the custom error response. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // Type of the custom error response. + // Content-Type of the custom error response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (Set of String) List of cookie values to include as part of custom fields logging. + // List of cookie values to include as part of custom fields logging. + // +listType=set + CookieFields []*string `json:"cookieFields,omitempty" tf:"cookie_fields,omitempty"` + + // (Boolean) Turn off all active Cloudflare Apps. + // Turn off all active Cloudflare Apps. + DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + + // (Boolean) Turn off railgun feature of the Cloudflare Speed app. + // Turn off railgun feature of the Cloudflare Speed app. + DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + + // (Boolean) Turn off zaraz feature. + // Turn off zaraz feature. + DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + + // (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) + // List of edge TTL parameters to apply to the request. + EdgeTTL []EdgeTTLObservation `json:"edgeTtl,omitempty" tf:"edge_ttl,omitempty"` + + // (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + // Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + EmailObfuscation *bool `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) + // Use a list to lookup information for the action. + FromList []FromListObservation `json:"fromList,omitempty" tf:"from_list,omitempty"` + + // (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) + // Use a value to lookup information for the action. + FromValue []FromValueObservation `json:"fromValue,omitempty" tf:"from_value,omitempty"` + + // (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + // List of HTTP header modifications to perform in the ruleset rule. + Headers []HeadersObservation `json:"headers,omitempty" tf:"headers,omitempty"` + + // (String) Host Header that request origin receives. + // Host Header that request origin receives. + HostHeader *string `json:"hostHeader,omitempty" tf:"host_header,omitempty"` + + // (Boolean) Turn on or off the hotlink protection feature. + // Turn on or off the hotlink protection feature. + HotlinkProtection *bool `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + + // (String) The ID of this resource. + // Identifier of the action parameter to modify. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Number) + Increment *float64 `json:"increment,omitempty" tf:"increment,omitempty"` + + // (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) + // List of properties to configure WAF payload logging. + MatchedData []MatchedDataObservation `json:"matchedData,omitempty" tf:"matched_data,omitempty"` + + // (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + // Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + Mirage *bool `json:"mirage,omitempty" tf:"mirage,omitempty"` + + // (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + // Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + OpportunisticEncryption *bool `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + // List of properties to change request origin. + Origin []OriginObservation `json:"origin,omitempty" tf:"origin,omitempty"` + + // through error page for origin. + // Pass-through error page for origin. + OriginErrorPagePassthru *bool `json:"originErrorPagePassthru,omitempty" tf:"origin_error_page_passthru,omitempty"` + + // (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) // List of override configurations to apply to the ruleset. - // +kubebuilder:validation:Optional Overrides []OverridesObservation `json:"overrides,omitempty" tf:"overrides,omitempty"` + + // (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + // +listType=set + Phases []*string `json:"phases,omitempty" tf:"phases,omitempty"` + + // (String) Apply options from the Polish feature of the Cloudflare Speed app. + // Apply options from the Polish feature of the Cloudflare Speed app. + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. + // Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. + // +listType=set + Products []*string `json:"products,omitempty" tf:"products,omitempty"` + + // (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + // List of request headers to include as part of custom fields logging, in lowercase. + // +listType=set + RequestFields []*string `json:"requestFields,omitempty" tf:"request_fields,omitempty"` + + // (Boolean) Respect strong ETags. + // Respect strong ETags. + RespectStrongEtags *bool `json:"respectStrongEtags,omitempty" tf:"respect_strong_etags,omitempty"` + + // (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + // List of parameters that configure the response given to end users. + Response []ResponseObservation `json:"response,omitempty" tf:"response,omitempty"` + + // (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + // List of response headers to include as part of custom fields logging, in lowercase. + // +listType=set + ResponseFields []*string `json:"responseFields,omitempty" tf:"response_fields,omitempty"` + + // (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + // Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + RocketLoader *bool `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) + // Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. + // +mapType=granular + Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Which ruleset ID to target. + // Which ruleset ID to target. + Ruleset *string `json:"ruleset,omitempty" tf:"ruleset,omitempty"` + + // (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + // List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. + // +listType=set + Rulesets []*string `json:"rulesets,omitempty" tf:"rulesets,omitempty"` + + // (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + // Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + // (String) Control options for the Security Level feature from the Security app. + // Control options for the Security Level feature from the Security app. + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) + // List of serve stale parameters to apply to the request. + ServeStale []ServeStaleObservation `json:"serveStale,omitempty" tf:"serve_stale,omitempty"` + + // (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + // Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + ServerSideExcludes *bool `json:"serverSideExcludes,omitempty" tf:"server_side_excludes,omitempty"` + + // (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) + // List of properties to manange Server Name Indication. + Sni []SniObservation `json:"sni,omitempty" tf:"sni,omitempty"` + + // (Number) HTTP status code of the custom error response. + // HTTP status code of the custom error response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Boolean) Turn on or off the SXG feature. + // Turn on or off the SXG feature. + Sxg *bool `json:"sxg,omitempty" tf:"sxg,omitempty"` + + // (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) + // List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. + URI []URIObservation `json:"uri,omitempty" tf:"uri,omitempty"` + + // (String) Version of the ruleset to deploy. + // Version of the ruleset to deploy. + Version *string `json:"version,omitempty" tf:"version,omitempty"` } type ActionParametersParameters struct { + // (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. // Turn on or off Cloudflare Automatic HTTPS rewrites. // +kubebuilder:validation:Optional AutomaticHTTPSRewrites *bool `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + // (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) // Indicate which file extensions to minify automatically. // +kubebuilder:validation:Optional Autominify []AutominifyParameters `json:"autominify,omitempty" tf:"autominify,omitempty"` + // (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. // Inspect the visitor's browser for headers commonly associated with spammers and certain bots. // +kubebuilder:validation:Optional Bic *bool `json:"bic,omitempty" tf:"bic,omitempty"` + // (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) // List of browser TTL parameters to apply to the request. // +kubebuilder:validation:Optional BrowserTTL []BrowserTTLParameters `json:"browserTtl,omitempty" tf:"browser_ttl,omitempty"` + // (Boolean) Whether to cache if expression matches. // Whether to cache if expression matches. // +kubebuilder:validation:Optional Cache *bool `json:"cache,omitempty" tf:"cache,omitempty"` + // (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) // List of cache key parameters to apply to the request. // +kubebuilder:validation:Optional CacheKey []CacheKeyParameters `json:"cacheKey,omitempty" tf:"cache_key,omitempty"` + // (String) Content of the custom error response. // Content of the custom error response. // +kubebuilder:validation:Optional Content *string `json:"content,omitempty" tf:"content,omitempty"` + // Type of the custom error response. // Content-Type of the custom error response. // +kubebuilder:validation:Optional ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + // (Set of String) List of cookie values to include as part of custom fields logging. // List of cookie values to include as part of custom fields logging. // +kubebuilder:validation:Optional + // +listType=set CookieFields []*string `json:"cookieFields,omitempty" tf:"cookie_fields,omitempty"` + // (Boolean) Turn off all active Cloudflare Apps. // Turn off all active Cloudflare Apps. // +kubebuilder:validation:Optional DisableApps *bool `json:"disableApps,omitempty" tf:"disable_apps,omitempty"` + // (Boolean) Turn off railgun feature of the Cloudflare Speed app. // Turn off railgun feature of the Cloudflare Speed app. // +kubebuilder:validation:Optional DisableRailgun *bool `json:"disableRailgun,omitempty" tf:"disable_railgun,omitempty"` + // (Boolean) Turn off zaraz feature. // Turn off zaraz feature. // +kubebuilder:validation:Optional DisableZaraz *bool `json:"disableZaraz,omitempty" tf:"disable_zaraz,omitempty"` + // (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) // List of edge TTL parameters to apply to the request. // +kubebuilder:validation:Optional EdgeTTL []EdgeTTLParameters `json:"edgeTtl,omitempty" tf:"edge_ttl,omitempty"` + // (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. // Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. // +kubebuilder:validation:Optional EmailObfuscation *bool `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + // (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) // Use a list to lookup information for the action. // +kubebuilder:validation:Optional FromList []FromListParameters `json:"fromList,omitempty" tf:"from_list,omitempty"` + // (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) // Use a value to lookup information for the action. // +kubebuilder:validation:Optional FromValue []FromValueParameters `json:"fromValue,omitempty" tf:"from_value,omitempty"` + // (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) // List of HTTP header modifications to perform in the ruleset rule. // +kubebuilder:validation:Optional Headers []HeadersParameters `json:"headers,omitempty" tf:"headers,omitempty"` + // (String) Host Header that request origin receives. // Host Header that request origin receives. // +kubebuilder:validation:Optional HostHeader *string `json:"hostHeader,omitempty" tf:"host_header,omitempty"` + // (Boolean) Turn on or off the hotlink protection feature. // Turn on or off the hotlink protection feature. // +kubebuilder:validation:Optional HotlinkProtection *bool `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + // (String) The ID of this resource. // Identifier of the action parameter to modify. // +kubebuilder:validation:Optional ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Number) // +kubebuilder:validation:Optional Increment *float64 `json:"increment,omitempty" tf:"increment,omitempty"` + // (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) // List of properties to configure WAF payload logging. // +kubebuilder:validation:Optional MatchedData []MatchedDataParameters `json:"matchedData,omitempty" tf:"matched_data,omitempty"` + // (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. // Turn on or off Cloudflare Mirage of the Cloudflare Speed app. // +kubebuilder:validation:Optional Mirage *bool `json:"mirage,omitempty" tf:"mirage,omitempty"` + // (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. // Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. // +kubebuilder:validation:Optional OpportunisticEncryption *bool `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) // List of properties to change request origin. // +kubebuilder:validation:Optional Origin []OriginParameters `json:"origin,omitempty" tf:"origin,omitempty"` + // through error page for origin. // Pass-through error page for origin. // +kubebuilder:validation:Optional OriginErrorPagePassthru *bool `json:"originErrorPagePassthru,omitempty" tf:"origin_error_page_passthru,omitempty"` + // (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) // List of override configurations to apply to the ruleset. // +kubebuilder:validation:Optional Overrides []OverridesParameters `json:"overrides,omitempty" tf:"overrides,omitempty"` + // (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. // +kubebuilder:validation:Optional + // +listType=set Phases []*string `json:"phases,omitempty" tf:"phases,omitempty"` + // (String) Apply options from the Polish feature of the Cloudflare Speed app. // Apply options from the Polish feature of the Cloudflare Speed app. // +kubebuilder:validation:Optional Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + // (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. // Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. // +kubebuilder:validation:Optional + // +listType=set Products []*string `json:"products,omitempty" tf:"products,omitempty"` + // (Set of String) List of request headers to include as part of custom fields logging, in lowercase. // List of request headers to include as part of custom fields logging, in lowercase. // +kubebuilder:validation:Optional + // +listType=set RequestFields []*string `json:"requestFields,omitempty" tf:"request_fields,omitempty"` + // (Boolean) Respect strong ETags. // Respect strong ETags. // +kubebuilder:validation:Optional RespectStrongEtags *bool `json:"respectStrongEtags,omitempty" tf:"respect_strong_etags,omitempty"` + // (Block List) List of parameters that configure the response given to end users. (see below for nested schema) // List of parameters that configure the response given to end users. // +kubebuilder:validation:Optional Response []ResponseParameters `json:"response,omitempty" tf:"response,omitempty"` + // (Set of String) List of response headers to include as part of custom fields logging, in lowercase. // List of response headers to include as part of custom fields logging, in lowercase. // +kubebuilder:validation:Optional + // +listType=set ResponseFields []*string `json:"responseFields,omitempty" tf:"response_fields,omitempty"` + // (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. // Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. // +kubebuilder:validation:Optional RocketLoader *bool `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. // +kubebuilder:validation:Optional + // +mapType=granular Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` + // (String) Which ruleset ID to target. // Which ruleset ID to target. // +kubebuilder:validation:Optional Ruleset *string `json:"ruleset,omitempty" tf:"ruleset,omitempty"` + // (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. // List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. // +kubebuilder:validation:Optional + // +listType=set Rulesets []*string `json:"rulesets,omitempty" tf:"rulesets,omitempty"` + // (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. // Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. // +kubebuilder:validation:Optional SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + // (String) Control options for the Security Level feature from the Security app. // Control options for the Security Level feature from the Security app. // +kubebuilder:validation:Optional SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + // (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) // List of serve stale parameters to apply to the request. // +kubebuilder:validation:Optional ServeStale []ServeStaleParameters `json:"serveStale,omitempty" tf:"serve_stale,omitempty"` + // (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. // Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. // +kubebuilder:validation:Optional ServerSideExcludes *bool `json:"serverSideExcludes,omitempty" tf:"server_side_excludes,omitempty"` + // (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) // List of properties to manange Server Name Indication. // +kubebuilder:validation:Optional Sni []SniParameters `json:"sni,omitempty" tf:"sni,omitempty"` + // (Number) HTTP status code of the custom error response. // HTTP status code of the custom error response. // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + // (Boolean) Turn on or off the SXG feature. // Turn on or off the SXG feature. // +kubebuilder:validation:Optional Sxg *bool `json:"sxg,omitempty" tf:"sxg,omitempty"` + // (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) // List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. // +kubebuilder:validation:Optional URI []URIParameters `json:"uri,omitempty" tf:"uri,omitempty"` + // (String) Version of the ruleset to deploy. // Version of the ruleset to deploy. // +kubebuilder:validation:Optional Version *string `json:"version,omitempty" tf:"version,omitempty"` } +type AutominifyInitParameters struct { + + // (Boolean) SSL minification. + // SSL minification. + CSS *bool `json:"css,omitempty" tf:"css,omitempty"` + + // (Boolean) HTML minification. + // HTML minification. + HTML *bool `json:"html,omitempty" tf:"html,omitempty"` + + // (Boolean) JS minification. + // JS minification. + Js *bool `json:"js,omitempty" tf:"js,omitempty"` +} + type AutominifyObservation struct { + + // (Boolean) SSL minification. + // SSL minification. + CSS *bool `json:"css,omitempty" tf:"css,omitempty"` + + // (Boolean) HTML minification. + // HTML minification. + HTML *bool `json:"html,omitempty" tf:"html,omitempty"` + + // (Boolean) JS minification. + // JS minification. + Js *bool `json:"js,omitempty" tf:"js,omitempty"` } type AutominifyParameters struct { + // (Boolean) SSL minification. // SSL minification. // +kubebuilder:validation:Optional CSS *bool `json:"css,omitempty" tf:"css,omitempty"` + // (Boolean) HTML minification. // HTML minification. // +kubebuilder:validation:Optional HTML *bool `json:"html,omitempty" tf:"html,omitempty"` + // (Boolean) JS minification. // JS minification. // +kubebuilder:validation:Optional Js *bool `json:"js,omitempty" tf:"js,omitempty"` } +type BrowserTTLInitParameters struct { + + // (Number) Default browser TTL. + // Default browser TTL. + Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + + // (String) Mode of the browser TTL. + // Mode of the browser TTL. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` +} + type BrowserTTLObservation struct { + + // (Number) Default browser TTL. + // Default browser TTL. + Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + + // (String) Mode of the browser TTL. + // Mode of the browser TTL. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` } type BrowserTTLParameters struct { + // (Number) Default browser TTL. // Default browser TTL. // +kubebuilder:validation:Optional Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + // (String) Mode of the browser TTL. // Mode of the browser TTL. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Mode *string `json:"mode" tf:"mode,omitempty"` } +type CacheKeyInitParameters struct { + + // (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + // Cache by device type. Conflicts with "custom_key.user.device_type". + CacheByDeviceType *bool `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + + // (Boolean) Cache deception armor. + // Cache deception armor. + CacheDeceptionArmor *bool `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + + // (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) + // Custom key parameters for the request. + CustomKey []CustomKeyInitParameters `json:"customKey,omitempty" tf:"custom_key,omitempty"` + + // (Boolean) Ignore query strings order. + // Ignore query strings order. + IgnoreQueryStringsOrder *bool `json:"ignoreQueryStringsOrder,omitempty" tf:"ignore_query_strings_order,omitempty"` +} + type CacheKeyObservation struct { + + // (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + // Cache by device type. Conflicts with "custom_key.user.device_type". + CacheByDeviceType *bool `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + + // (Boolean) Cache deception armor. + // Cache deception armor. + CacheDeceptionArmor *bool `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + + // (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) + // Custom key parameters for the request. + CustomKey []CustomKeyObservation `json:"customKey,omitempty" tf:"custom_key,omitempty"` + + // (Boolean) Ignore query strings order. + // Ignore query strings order. + IgnoreQueryStringsOrder *bool `json:"ignoreQueryStringsOrder,omitempty" tf:"ignore_query_strings_order,omitempty"` } type CacheKeyParameters struct { + // (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". // Cache by device type. Conflicts with "custom_key.user.device_type". // +kubebuilder:validation:Optional CacheByDeviceType *bool `json:"cacheByDeviceType,omitempty" tf:"cache_by_device_type,omitempty"` + // (Boolean) Cache deception armor. // Cache deception armor. // +kubebuilder:validation:Optional CacheDeceptionArmor *bool `json:"cacheDeceptionArmor,omitempty" tf:"cache_deception_armor,omitempty"` + // (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) // Custom key parameters for the request. // +kubebuilder:validation:Optional CustomKey []CustomKeyParameters `json:"customKey,omitempty" tf:"custom_key,omitempty"` + // (Boolean) Ignore query strings order. // Ignore query strings order. // +kubebuilder:validation:Optional IgnoreQueryStringsOrder *bool `json:"ignoreQueryStringsOrder,omitempty" tf:"ignore_query_strings_order,omitempty"` } +type CategoriesInitParameters struct { + + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) Tag name to apply the ruleset rule override to. + // Tag name to apply the ruleset rule override to. + Category *string `json:"category,omitempty" tf:"category,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type CategoriesObservation struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) Tag name to apply the ruleset rule override to. + // Tag name to apply the ruleset rule override to. + Category *string `json:"category,omitempty" tf:"category,omitempty"` + + // (Boolean) Whether the rule is active. // Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` } type CategoriesParameters struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. // Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. // +kubebuilder:validation:Optional Action *string `json:"action,omitempty" tf:"action,omitempty"` + // (String) Tag name to apply the ruleset rule override to. // Tag name to apply the ruleset rule override to. // +kubebuilder:validation:Optional Category *string `json:"category,omitempty" tf:"category,omitempty"` + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". // Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` } +type CookieInitParameters struct { + + // (List of String) List of cookies to check for presence in the custom key. + // List of cookies to check for presence in the custom key. + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of cookies to include in the custom key. + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + type CookieObservation struct { + + // (List of String) List of cookies to check for presence in the custom key. + // List of cookies to check for presence in the custom key. + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of cookies to include in the custom key. + Include []*string `json:"include,omitempty" tf:"include,omitempty"` } type CookieParameters struct { + // (List of String) List of cookies to check for presence in the custom key. // List of cookies to check for presence in the custom key. // +kubebuilder:validation:Optional CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + // (List of String) List of cookies to include in the custom key. // List of cookies to include in the custom key. // +kubebuilder:validation:Optional Include []*string `json:"include,omitempty" tf:"include,omitempty"` } +type CustomKeyInitParameters struct { + + // (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) + // Cookie parameters for the custom key. + Cookie []CookieInitParameters `json:"cookie,omitempty" tf:"cookie,omitempty"` + + // (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) + // Header parameters for the custom key. + Header []HeaderInitParameters `json:"header,omitempty" tf:"header,omitempty"` + + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + // Host parameters for the custom key. + Host []HostInitParameters `json:"host,omitempty" tf:"host,omitempty"` + + // (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) + // Query string parameters for the custom key. + QueryString []QueryStringInitParameters `json:"queryString,omitempty" tf:"query_string,omitempty"` + + // (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) + // User parameters for the custom key. + User []UserInitParameters `json:"user,omitempty" tf:"user,omitempty"` +} + type CustomKeyObservation struct { + + // (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) + // Cookie parameters for the custom key. + Cookie []CookieObservation `json:"cookie,omitempty" tf:"cookie,omitempty"` + + // (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) + // Header parameters for the custom key. + Header []HeaderObservation `json:"header,omitempty" tf:"header,omitempty"` + + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + // Host parameters for the custom key. + Host []HostObservation `json:"host,omitempty" tf:"host,omitempty"` + + // (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) + // Query string parameters for the custom key. + QueryString []QueryStringObservation `json:"queryString,omitempty" tf:"query_string,omitempty"` + + // (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) + // User parameters for the custom key. + User []UserObservation `json:"user,omitempty" tf:"user,omitempty"` } type CustomKeyParameters struct { + // (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) // Cookie parameters for the custom key. // +kubebuilder:validation:Optional Cookie []CookieParameters `json:"cookie,omitempty" tf:"cookie,omitempty"` + // (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) // Header parameters for the custom key. // +kubebuilder:validation:Optional Header []HeaderParameters `json:"header,omitempty" tf:"header,omitempty"` + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) // Host parameters for the custom key. // +kubebuilder:validation:Optional Host []HostParameters `json:"host,omitempty" tf:"host,omitempty"` + // (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) // Query string parameters for the custom key. // +kubebuilder:validation:Optional QueryString []QueryStringParameters `json:"queryString,omitempty" tf:"query_string,omitempty"` + // (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) // User parameters for the custom key. // +kubebuilder:validation:Optional User []UserParameters `json:"user,omitempty" tf:"user,omitempty"` } +type EdgeTTLInitParameters struct { + + // (Number) Default browser TTL. + // Default edge TTL. + Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + + // (String) Mode of the browser TTL. + // Mode of the edge TTL. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (Block List) Edge TTL for the status codes. (see below for nested schema) + // Edge TTL for the status codes. + StatusCodeTTL []StatusCodeTTLInitParameters `json:"statusCodeTtl,omitempty" tf:"status_code_ttl,omitempty"` +} + type EdgeTTLObservation struct { + + // (Number) Default browser TTL. + // Default edge TTL. + Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + + // (String) Mode of the browser TTL. + // Mode of the edge TTL. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (Block List) Edge TTL for the status codes. (see below for nested schema) + // Edge TTL for the status codes. + StatusCodeTTL []StatusCodeTTLObservation `json:"statusCodeTtl,omitempty" tf:"status_code_ttl,omitempty"` } type EdgeTTLParameters struct { + // (Number) Default browser TTL. // Default edge TTL. // +kubebuilder:validation:Optional Default *float64 `json:"default,omitempty" tf:"default,omitempty"` + // (String) Mode of the browser TTL. // Mode of the edge TTL. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Mode *string `json:"mode" tf:"mode,omitempty"` + // (Block List) Edge TTL for the status codes. (see below for nested schema) // Edge TTL for the status codes. // +kubebuilder:validation:Optional StatusCodeTTL []StatusCodeTTLParameters `json:"statusCodeTtl,omitempty" tf:"status_code_ttl,omitempty"` } -type ExposedCredentialCheckObservation struct { +type ExposedCredentialCheckInitParameters struct { + + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + // Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + PasswordExpression *string `json:"passwordExpression,omitempty" tf:"password_expression,omitempty"` + + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + // Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + UsernameExpression *string `json:"usernameExpression,omitempty" tf:"username_expression,omitempty"` +} + +type ExposedCredentialCheckObservation struct { + + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + // Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + PasswordExpression *string `json:"passwordExpression,omitempty" tf:"password_expression,omitempty"` + + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + // Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + UsernameExpression *string `json:"usernameExpression,omitempty" tf:"username_expression,omitempty"` } type ExposedCredentialCheckParameters struct { + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. // Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). // +kubebuilder:validation:Optional PasswordExpression *string `json:"passwordExpression,omitempty" tf:"password_expression,omitempty"` + // (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. // Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). // +kubebuilder:validation:Optional UsernameExpression *string `json:"usernameExpression,omitempty" tf:"username_expression,omitempty"` } +type FromListInitParameters struct { + + // (String) Expression to use for the list lookup. + // Expression to use for the list lookup. + Key *string `json:"key,omitempty" tf:"key,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the list. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type FromListObservation struct { + + // (String) Expression to use for the list lookup. + // Expression to use for the list lookup. + Key *string `json:"key,omitempty" tf:"key,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the list. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type FromListParameters struct { + // (String) Expression to use for the list lookup. // Expression to use for the list lookup. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Key *string `json:"key" tf:"key,omitempty"` + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. // Name of the list. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` } +type FromValueInitParameters struct { + + // (Boolean) Preserve query string for redirect URL. + // Preserve query string for redirect URL. + PreserveQueryString *bool `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + + // (Number) HTTP status code of the custom error response. + // Status code for redirect. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Block List, Max: 1) Target URL for redirect. (see below for nested schema) + // Target URL for redirect. + TargetURL []TargetURLInitParameters `json:"targetUrl,omitempty" tf:"target_url,omitempty"` +} + type FromValueObservation struct { + + // (Boolean) Preserve query string for redirect URL. + // Preserve query string for redirect URL. + PreserveQueryString *bool `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + + // (Number) HTTP status code of the custom error response. + // Status code for redirect. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Block List, Max: 1) Target URL for redirect. (see below for nested schema) + // Target URL for redirect. + TargetURL []TargetURLObservation `json:"targetUrl,omitempty" tf:"target_url,omitempty"` } type FromValueParameters struct { + // (Boolean) Preserve query string for redirect URL. // Preserve query string for redirect URL. // +kubebuilder:validation:Optional PreserveQueryString *bool `json:"preserveQueryString,omitempty" tf:"preserve_query_string,omitempty"` + // (Number) HTTP status code of the custom error response. // Status code for redirect. // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + // (Block List, Max: 1) Target URL for redirect. (see below for nested schema) // Target URL for redirect. // +kubebuilder:validation:Optional TargetURL []TargetURLParameters `json:"targetUrl,omitempty" tf:"target_url,omitempty"` } +type HeaderInitParameters struct { + + // (List of String) List of cookies to check for presence in the custom key. + // List of headers to check for presence in the custom key. + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // (Boolean) Exclude the origin header from the custom key. + // Exclude the origin header from the custom key. + ExcludeOrigin *bool `json:"excludeOrigin,omitempty" tf:"exclude_origin,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of headers to include in the custom key. + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + type HeaderObservation struct { + + // (List of String) List of cookies to check for presence in the custom key. + // List of headers to check for presence in the custom key. + CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + + // (Boolean) Exclude the origin header from the custom key. + // Exclude the origin header from the custom key. + ExcludeOrigin *bool `json:"excludeOrigin,omitempty" tf:"exclude_origin,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of headers to include in the custom key. + Include []*string `json:"include,omitempty" tf:"include,omitempty"` } type HeaderParameters struct { + // (List of String) List of cookies to check for presence in the custom key. // List of headers to check for presence in the custom key. // +kubebuilder:validation:Optional CheckPresence []*string `json:"checkPresence,omitempty" tf:"check_presence,omitempty"` + // (Boolean) Exclude the origin header from the custom key. // Exclude the origin header from the custom key. // +kubebuilder:validation:Optional ExcludeOrigin *bool `json:"excludeOrigin,omitempty" tf:"exclude_origin,omitempty"` + // (List of String) List of cookies to include in the custom key. // List of headers to include in the custom key. // +kubebuilder:validation:Optional Include []*string `json:"include,omitempty" tf:"include,omitempty"` } +type HeadersInitParameters struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the HTTP request header to target. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Action to perform on the HTTP request header. Available values: remove, set. + // Action to perform on the HTTP request header. Available values: `remove`, `set`. + Operation *string `json:"operation,omitempty" tf:"operation,omitempty"` + + // (Number) Status code edge TTL value. + // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type HeadersObservation struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the HTTP request header to target. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Action to perform on the HTTP request header. Available values: remove, set. + // Action to perform on the HTTP request header. Available values: `remove`, `set`. + Operation *string `json:"operation,omitempty" tf:"operation,omitempty"` + + // (Number) Status code edge TTL value. + // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type HeadersParameters struct { + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. // +kubebuilder:validation:Optional Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. // Name of the HTTP request header to target. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) Action to perform on the HTTP request header. Available values: remove, set. // Action to perform on the HTTP request header. Available values: `remove`, `set`. // +kubebuilder:validation:Optional Operation *string `json:"operation,omitempty" tf:"operation,omitempty"` + // (Number) Status code edge TTL value. // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type HostInitParameters struct { + + // (Boolean) Resolve hostname to IP address. + // Resolve hostname to IP address. + Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` +} + type HostObservation struct { + + // (Boolean) Resolve hostname to IP address. + // Resolve hostname to IP address. + Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` } type HostParameters struct { + // (Boolean) Resolve hostname to IP address. // Resolve hostname to IP address. // +kubebuilder:validation:Optional Resolved *bool `json:"resolved,omitempty" tf:"resolved,omitempty"` } +type LoggingInitParameters struct { + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type LoggingObservation struct { + // (Boolean) Whether the rule is active. // Override the default logging behavior when a rule is matched. Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` } type LoggingParameters struct { + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". // Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` } +type MatchedDataInitParameters struct { + + // (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + // Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). + PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` +} + type MatchedDataObservation struct { + + // (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + // Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). + PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` } type MatchedDataParameters struct { + // (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. // Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). // +kubebuilder:validation:Optional PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` } +type OriginInitParameters struct { + + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + // Origin Hostname where request is sent. + Host *string `json:"host,omitempty" tf:"host,omitempty"` + + // (Number) Origin Port where request is sent. + // Origin Port where request is sent. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` +} + type OriginObservation struct { + + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + // Origin Hostname where request is sent. + Host *string `json:"host,omitempty" tf:"host,omitempty"` + + // (Number) Origin Port where request is sent. + // Origin Port where request is sent. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` } type OriginParameters struct { + // (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) // Origin Hostname where request is sent. // +kubebuilder:validation:Optional Host *string `json:"host,omitempty" tf:"host,omitempty"` + // (Number) Origin Port where request is sent. // Origin Port where request is sent. // +kubebuilder:validation:Optional Port *float64 `json:"port,omitempty" tf:"port,omitempty"` } +type OverridesInitParameters struct { + + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // based overrides. (see below for nested schema) + // List of tag-based overrides. + Categories []CategoriesInitParameters `json:"categories,omitempty" tf:"categories,omitempty"` + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) + // List of rule-based overrides. + Rules []OverridesRulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + // Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. + SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type OverridesObservation struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // based overrides. (see below for nested schema) // List of tag-based overrides. - // +kubebuilder:validation:Optional Categories []CategoriesObservation `json:"categories,omitempty" tf:"categories,omitempty"` + // (Boolean) Whether the rule is active. // Defines if the current ruleset-level override enables or disables the ruleset. Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rule-based overrides. - // +kubebuilder:validation:Optional Rules []OverridesRulesObservation `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + // Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. + SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` } type OverridesParameters struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. // +kubebuilder:validation:Optional Action *string `json:"action,omitempty" tf:"action,omitempty"` + // based overrides. (see below for nested schema) // List of tag-based overrides. // +kubebuilder:validation:Optional Categories []CategoriesParameters `json:"categories,omitempty" tf:"categories,omitempty"` + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rule-based overrides. // +kubebuilder:validation:Optional Rules []OverridesRulesParameters `json:"rules,omitempty" tf:"rules,omitempty"` + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. // Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. // +kubebuilder:validation:Optional SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". // Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` } +type OverridesRulesInitParameters struct { + + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) The ID of this resource. + // Rule ID to apply the override to. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // based rulesets. + // Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. + ScoreThreshold *float64 `json:"scoreThreshold,omitempty" tf:"score_threshold,omitempty"` + + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + // Sensitivity level for a ruleset rule override. + SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type OverridesRulesObservation struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (Boolean) Whether the rule is active. // Defines if the current rule-level override enables or disables the rule. Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Rule ID to apply the override to. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // based rulesets. + // Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. + ScoreThreshold *float64 `json:"scoreThreshold,omitempty" tf:"score_threshold,omitempty"` + + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + // Sensitivity level for a ruleset rule override. + SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + // Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` } type OverridesRulesParameters struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. // Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. // +kubebuilder:validation:Optional Action *string `json:"action,omitempty" tf:"action,omitempty"` + // (String) The ID of this resource. // Rule ID to apply the override to. // +kubebuilder:validation:Optional ID *string `json:"id,omitempty" tf:"id,omitempty"` + // based rulesets. // Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. // +kubebuilder:validation:Optional ScoreThreshold *float64 `json:"scoreThreshold,omitempty" tf:"score_threshold,omitempty"` + // (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. // Sensitivity level for a ruleset rule override. // +kubebuilder:validation:Optional SensitivityLevel *string `json:"sensitivityLevel,omitempty" tf:"sensitivity_level,omitempty"` + // level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". // Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` } +type PathInitParameters struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static string value of the updated URI path or query string component. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type PathObservation struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static string value of the updated URI path or query string component. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type PathParameters struct { + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. // +kubebuilder:validation:Optional Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + // (Number) Status code edge TTL value. // Static string value of the updated URI path or query string component. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type QueryInitParameters struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static string value of the updated URI path or query string component. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type QueryObservation struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static string value of the updated URI path or query string component. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type QueryParameters struct { + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. // +kubebuilder:validation:Optional Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` - // Static string value of the updated URI path or query string component. - // +kubebuilder:validation:Optional - Value *string `json:"value,omitempty" tf:"value,omitempty"` + // (Number) Status code edge TTL value. + // Static string value of the updated URI path or query string component. + // +kubebuilder:validation:Optional + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + +type QueryStringInitParameters struct { + + // (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + // List of query string parameters to exclude from the custom key. Conflicts with "include". + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of query string parameters to include in the custom key. Conflicts with "exclude". + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + +type QueryStringObservation struct { + + // (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + // List of query string parameters to exclude from the custom key. Conflicts with "include". + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of query string parameters to include in the custom key. Conflicts with "exclude". + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + +type QueryStringParameters struct { + + // (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + // List of query string parameters to exclude from the custom key. Conflicts with "include". + // +kubebuilder:validation:Optional + Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + + // (List of String) List of cookies to include in the custom key. + // List of query string parameters to include in the custom key. Conflicts with "exclude". + // +kubebuilder:validation:Optional + Include []*string `json:"include,omitempty" tf:"include,omitempty"` +} + +type RatelimitInitParameters struct { + + // (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + // List of parameters that define how Cloudflare tracks the request rate for this rule. + // +listType=set + Characteristics []*string `json:"characteristics,omitempty" tf:"characteristics,omitempty"` + + // (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + CountingExpression *string `json:"countingExpression,omitempty" tf:"counting_expression,omitempty"` + + // (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + // Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + MitigationTimeout *float64 `json:"mitigationTimeout,omitempty" tf:"mitigation_timeout,omitempty"` + + // (Number) The period of time to consider (in seconds) when evaluating the request rate. + // The period of time to consider (in seconds) when evaluating the request rate. + Period *float64 `json:"period,omitempty" tf:"period,omitempty"` + + // (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + // The number of requests over the period of time that will trigger the Rate Limiting rule. + RequestsPerPeriod *float64 `json:"requestsPerPeriod,omitempty" tf:"requests_per_period,omitempty"` + + // (Boolean) Whether to include requests to origin within the Rate Limiting count. + // Whether to include requests to origin within the Rate Limiting count. + RequestsToOrigin *bool `json:"requestsToOrigin,omitempty" tf:"requests_to_origin,omitempty"` } -type QueryStringObservation struct { -} +type RatelimitObservation struct { -type QueryStringParameters struct { + // (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + // List of parameters that define how Cloudflare tracks the request rate for this rule. + // +listType=set + Characteristics []*string `json:"characteristics,omitempty" tf:"characteristics,omitempty"` - // List of query string parameters to exclude from the custom key. Conflicts with "include". - // +kubebuilder:validation:Optional - Exclude []*string `json:"exclude,omitempty" tf:"exclude,omitempty"` + // (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + CountingExpression *string `json:"countingExpression,omitempty" tf:"counting_expression,omitempty"` - // List of query string parameters to include in the custom key. Conflicts with "exclude". - // +kubebuilder:validation:Optional - Include []*string `json:"include,omitempty" tf:"include,omitempty"` -} + // (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + // Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + MitigationTimeout *float64 `json:"mitigationTimeout,omitempty" tf:"mitigation_timeout,omitempty"` -type RatelimitObservation struct { + // (Number) The period of time to consider (in seconds) when evaluating the request rate. + // The period of time to consider (in seconds) when evaluating the request rate. + Period *float64 `json:"period,omitempty" tf:"period,omitempty"` + + // (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + // The number of requests over the period of time that will trigger the Rate Limiting rule. + RequestsPerPeriod *float64 `json:"requestsPerPeriod,omitempty" tf:"requests_per_period,omitempty"` + + // (Boolean) Whether to include requests to origin within the Rate Limiting count. + // Whether to include requests to origin within the Rate Limiting count. + RequestsToOrigin *bool `json:"requestsToOrigin,omitempty" tf:"requests_to_origin,omitempty"` } type RatelimitParameters struct { + // (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. // List of parameters that define how Cloudflare tracks the request rate for this rule. // +kubebuilder:validation:Optional + // +listType=set Characteristics []*string `json:"characteristics,omitempty" tf:"characteristics,omitempty"` + // (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. // +kubebuilder:validation:Optional CountingExpression *string `json:"countingExpression,omitempty" tf:"counting_expression,omitempty"` + // (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. // Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. // +kubebuilder:validation:Optional MitigationTimeout *float64 `json:"mitigationTimeout,omitempty" tf:"mitigation_timeout,omitempty"` + // (Number) The period of time to consider (in seconds) when evaluating the request rate. // The period of time to consider (in seconds) when evaluating the request rate. // +kubebuilder:validation:Optional Period *float64 `json:"period,omitempty" tf:"period,omitempty"` + // (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. // The number of requests over the period of time that will trigger the Rate Limiting rule. // +kubebuilder:validation:Optional RequestsPerPeriod *float64 `json:"requestsPerPeriod,omitempty" tf:"requests_per_period,omitempty"` + // (Boolean) Whether to include requests to origin within the Rate Limiting count. // Whether to include requests to origin within the Rate Limiting count. // +kubebuilder:validation:Optional RequestsToOrigin *bool `json:"requestsToOrigin,omitempty" tf:"requests_to_origin,omitempty"` } +type ResponseInitParameters struct { + + // (String) Content of the custom error response. + // Body content to include in the response. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // Type of the custom error response. + // HTTP content type to send in the response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (Number) HTTP status code of the custom error response. + // HTTP status code to send in the response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` +} + type ResponseObservation struct { + + // (String) Content of the custom error response. + // Body content to include in the response. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // Type of the custom error response. + // HTTP content type to send in the response. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + + // (Number) HTTP status code of the custom error response. + // HTTP status code to send in the response. + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` } type ResponseParameters struct { + // (String) Content of the custom error response. // Body content to include in the response. // +kubebuilder:validation:Optional Content *string `json:"content,omitempty" tf:"content,omitempty"` + // Type of the custom error response. // HTTP content type to send in the response. // +kubebuilder:validation:Optional ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` + // (Number) HTTP status code of the custom error response. // HTTP status code to send in the response. // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` } +type RulesInitParameters struct { + + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) + // List of parameters that configure the behavior of the ruleset rule action. + ActionParameters []ActionParametersInitParameters `json:"actionParameters,omitempty" tf:"action_parameters,omitempty"` + + // (String) Brief summary of the ruleset and its intended use. + // Brief summary of the ruleset rule and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Whether the rule is active. + // Whether the rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) + // List of parameters that configure exposed credential checks. + ExposedCredentialCheck []ExposedCredentialCheckInitParameters `json:"exposedCredentialCheck,omitempty" tf:"exposed_credential_check,omitempty"` + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) + // List parameters to configure how the rule generates logs. + Logging []LoggingInitParameters `json:"logging,omitempty" tf:"logging,omitempty"` + + // (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) + // List of parameters that configure HTTP rate limiting behaviour. + Ratelimit []RatelimitInitParameters `json:"ratelimit,omitempty" tf:"ratelimit,omitempty"` +} + type RulesObservation struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + // Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) // List of parameters that configure the behavior of the ruleset rule action. - // +kubebuilder:validation:Optional ActionParameters []ActionParametersObservation `json:"actionParameters,omitempty" tf:"action_parameters,omitempty"` + // (String) Brief summary of the ruleset and its intended use. + // Brief summary of the ruleset rule and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Whether the rule is active. + // Whether the rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) + // List of parameters that configure exposed credential checks. + ExposedCredentialCheck []ExposedCredentialCheckObservation `json:"exposedCredentialCheck,omitempty" tf:"exposed_credential_check,omitempty"` + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) The ID of this resource. // Unique rule identifier. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) // List parameters to configure how the rule generates logs. - // +kubebuilder:validation:Optional Logging []LoggingObservation `json:"logging,omitempty" tf:"logging,omitempty"` + // (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) + // List of parameters that configure HTTP rate limiting behaviour. + Ratelimit []RatelimitObservation `json:"ratelimit,omitempty" tf:"ratelimit,omitempty"` + + // (String) Rule reference. // Rule reference. Ref *string `json:"ref,omitempty" tf:"ref,omitempty"` + // (String) Version of the ruleset to deploy. // Version of the ruleset to deploy. Version *string `json:"version,omitempty" tf:"version,omitempty"` } type RulesParameters struct { + // (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. // Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. // +kubebuilder:validation:Optional Action *string `json:"action,omitempty" tf:"action,omitempty"` + // (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) // List of parameters that configure the behavior of the ruleset rule action. // +kubebuilder:validation:Optional ActionParameters []ActionParametersParameters `json:"actionParameters,omitempty" tf:"action_parameters,omitempty"` + // (String) Brief summary of the ruleset and its intended use. // Brief summary of the ruleset rule and its intended use. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Boolean) Whether the rule is active. // Whether the rule is active. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) // List of parameters that configure exposed credential checks. // +kubebuilder:validation:Optional ExposedCredentialCheck []ExposedCredentialCheckParameters `json:"exposedCredentialCheck,omitempty" tf:"exposed_credential_check,omitempty"` + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Expression *string `json:"expression" tf:"expression,omitempty"` + // (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) // List parameters to configure how the rule generates logs. // +kubebuilder:validation:Optional Logging []LoggingParameters `json:"logging,omitempty" tf:"logging,omitempty"` + // (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) // List of parameters that configure HTTP rate limiting behaviour. // +kubebuilder:validation:Optional Ratelimit []RatelimitParameters `json:"ratelimit,omitempty" tf:"ratelimit,omitempty"` } +type RulesetInitParameters struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Brief summary of the ruleset and its intended use. + // Brief summary of the ruleset and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. + // Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the ruleset. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + Phase *string `json:"phase,omitempty" tf:"phase,omitempty"` + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) + // List of rules to apply to the ruleset. + Rules []RulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Name of entitlement that is shareable between entities. + // Name of entitlement that is shareable between entities. + ShareableEntitlementName *string `json:"shareableEntitlementName,omitempty" tf:"shareable_entitlement_name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RulesetObservation struct { + + // (String) The account identifier to target for the resource. Conflicts with zone_id. + // The account identifier to target for the resource. Conflicts with `zone_id`. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) Brief summary of the ruleset and its intended use. + // Brief summary of the ruleset and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. + // Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + // Name of the ruleset. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + Phase *string `json:"phase,omitempty" tf:"phase,omitempty"` + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rules to apply to the ruleset. - // +kubebuilder:validation:Optional Rules []RulesObservation `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) Name of entitlement that is shareable between entities. + // Name of entitlement that is shareable between entities. + ShareableEntitlementName *string `json:"shareableEntitlementName,omitempty" tf:"shareable_entitlement_name,omitempty"` + + // (String) The zone identifier to target for the resource. Conflicts with account_id. + // The zone identifier to target for the resource. Conflicts with `account_id`. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RulesetParameters struct { + // (String) The account identifier to target for the resource. Conflicts with zone_id. // The account identifier to target for the resource. Conflicts with `zone_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -710,30 +1971,37 @@ type RulesetParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Brief summary of the ruleset and its intended use. // Brief summary of the ruleset and its intended use. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. // Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. - // +kubebuilder:validation:Required - Kind *string `json:"kind" tf:"kind,omitempty"` + // +kubebuilder:validation:Optional + Kind *string `json:"kind,omitempty" tf:"kind,omitempty"` + // (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. // Name of the ruleset. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. // Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. - // +kubebuilder:validation:Required - Phase *string `json:"phase" tf:"phase,omitempty"` + // +kubebuilder:validation:Optional + Phase *string `json:"phase,omitempty" tf:"phase,omitempty"` + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rules to apply to the ruleset. // +kubebuilder:validation:Optional Rules []RulesParameters `json:"rules,omitempty" tf:"rules,omitempty"` + // (String) Name of entitlement that is shareable between entities. // Name of entitlement that is shareable between entities. // +kubebuilder:validation:Optional ShareableEntitlementName *string `json:"shareableEntitlementName,omitempty" tf:"shareable_entitlement_name,omitempty"` + // (String) The zone identifier to target for the resource. Conflicts with account_id. // The zone identifier to target for the resource. Conflicts with `account_id`. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -748,102 +2016,256 @@ type RulesetParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type ServeStaleInitParameters struct { + + // (Boolean) Disable stale while updating. + // Disable stale while updating. + DisableStaleWhileUpdating *bool `json:"disableStaleWhileUpdating,omitempty" tf:"disable_stale_while_updating,omitempty"` +} + type ServeStaleObservation struct { + + // (Boolean) Disable stale while updating. + // Disable stale while updating. + DisableStaleWhileUpdating *bool `json:"disableStaleWhileUpdating,omitempty" tf:"disable_stale_while_updating,omitempty"` } type ServeStaleParameters struct { + // (Boolean) Disable stale while updating. // Disable stale while updating. // +kubebuilder:validation:Optional DisableStaleWhileUpdating *bool `json:"disableStaleWhileUpdating,omitempty" tf:"disable_stale_while_updating,omitempty"` } +type SniInitParameters struct { + + // (Number) Status code edge TTL value. + // Value to define for SNI. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type SniObservation struct { + + // (Number) Status code edge TTL value. + // Value to define for SNI. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type SniParameters struct { + // (Number) Status code edge TTL value. // Value to define for SNI. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type StatusCodeRangeInitParameters struct { + + // (Number) From status code. + // From status code. + From *float64 `json:"from,omitempty" tf:"from,omitempty"` + + // (Number) To status code. + // To status code. + To *float64 `json:"to,omitempty" tf:"to,omitempty"` +} + type StatusCodeRangeObservation struct { + + // (Number) From status code. + // From status code. + From *float64 `json:"from,omitempty" tf:"from,omitempty"` + + // (Number) To status code. + // To status code. + To *float64 `json:"to,omitempty" tf:"to,omitempty"` } type StatusCodeRangeParameters struct { + // (Number) From status code. // From status code. // +kubebuilder:validation:Optional From *float64 `json:"from,omitempty" tf:"from,omitempty"` + // (Number) To status code. // To status code. // +kubebuilder:validation:Optional To *float64 `json:"to,omitempty" tf:"to,omitempty"` } +type StatusCodeTTLInitParameters struct { + + // (Number) HTTP status code of the custom error response. + // Status code for which the edge TTL is applied. Conflicts with "status_code_range". + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + // Status code range for which the edge TTL is applied. Conflicts with "status_code". + StatusCodeRange []StatusCodeRangeInitParameters `json:"statusCodeRange,omitempty" tf:"status_code_range,omitempty"` + + // (Number) Status code edge TTL value. + // Status code edge TTL value. + Value *float64 `json:"value,omitempty" tf:"value,omitempty"` +} + type StatusCodeTTLObservation struct { + + // (Number) HTTP status code of the custom error response. + // Status code for which the edge TTL is applied. Conflicts with "status_code_range". + StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + + // (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + // Status code range for which the edge TTL is applied. Conflicts with "status_code". + StatusCodeRange []StatusCodeRangeObservation `json:"statusCodeRange,omitempty" tf:"status_code_range,omitempty"` + + // (Number) Status code edge TTL value. + // Status code edge TTL value. + Value *float64 `json:"value,omitempty" tf:"value,omitempty"` } type StatusCodeTTLParameters struct { + // (Number) HTTP status code of the custom error response. // Status code for which the edge TTL is applied. Conflicts with "status_code_range". // +kubebuilder:validation:Optional StatusCode *float64 `json:"statusCode,omitempty" tf:"status_code,omitempty"` + // (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) // Status code range for which the edge TTL is applied. Conflicts with "status_code". // +kubebuilder:validation:Optional StatusCodeRange []StatusCodeRangeParameters `json:"statusCodeRange,omitempty" tf:"status_code_range,omitempty"` + // (Number) Status code edge TTL value. // Status code edge TTL value. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Value *float64 `json:"value" tf:"value,omitempty"` } +type TargetURLInitParameters struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type TargetURLObservation struct { + + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (Number) Status code edge TTL value. + // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type TargetURLParameters struct { + // (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. // Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. // +kubebuilder:validation:Optional Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + // (Number) Status code edge TTL value. // Static value to provide as the HTTP request header value. Conflicts with `"expression"`. // +kubebuilder:validation:Optional Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type URIInitParameters struct { + + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + Origin *bool `json:"origin,omitempty" tf:"origin,omitempty"` + + // (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) + // URI path configuration when performing a URL rewrite. + Path []PathInitParameters `json:"path,omitempty" tf:"path,omitempty"` + + // (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) + // Query string configuration when performing a URL rewrite. + Query []QueryInitParameters `json:"query,omitempty" tf:"query,omitempty"` +} + type URIObservation struct { + + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + Origin *bool `json:"origin,omitempty" tf:"origin,omitempty"` + + // (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) + // URI path configuration when performing a URL rewrite. + Path []PathObservation `json:"path,omitempty" tf:"path,omitempty"` + + // (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) + // Query string configuration when performing a URL rewrite. + Query []QueryObservation `json:"query,omitempty" tf:"query,omitempty"` } type URIParameters struct { + // (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) // +kubebuilder:validation:Optional Origin *bool `json:"origin,omitempty" tf:"origin,omitempty"` + // (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) // URI path configuration when performing a URL rewrite. // +kubebuilder:validation:Optional Path []PathParameters `json:"path,omitempty" tf:"path,omitempty"` + // (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) // Query string configuration when performing a URL rewrite. // +kubebuilder:validation:Optional Query []QueryParameters `json:"query,omitempty" tf:"query,omitempty"` } +type UserInitParameters struct { + + // (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + // Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + + // (Boolean) Add geo data to the custom key. + // Add geo data to the custom key. + Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Boolean) Add language data to the custom key. + // Add language data to the custom key. + Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` +} + type UserObservation struct { + + // (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + // Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + + // (Boolean) Add geo data to the custom key. + // Add geo data to the custom key. + Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + + // (Boolean) Add language data to the custom key. + // Add language data to the custom key. + Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` } type UserParameters struct { + // (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". // Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". // +kubebuilder:validation:Optional DeviceType *bool `json:"deviceType,omitempty" tf:"device_type,omitempty"` + // (Boolean) Add geo data to the custom key. // Add geo data to the custom key. // +kubebuilder:validation:Optional Geo *bool `json:"geo,omitempty" tf:"geo,omitempty"` + // (Boolean) Add language data to the custom key. // Add language data to the custom key. // +kubebuilder:validation:Optional Lang *bool `json:"lang,omitempty" tf:"lang,omitempty"` @@ -853,6 +2275,17 @@ type UserParameters struct { type RulesetSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RulesetParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RulesetInitParameters `json:"initProvider,omitempty"` } // RulesetStatus defines the observed state of Ruleset. @@ -862,19 +2295,23 @@ type RulesetStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Ruleset is the Schema for the Rulesets API. +// Ruleset is the Schema for the Rulesets API. The Cloudflare Ruleset Engine https://developers.cloudflare.com/firewall/cf-rulesets allows you to create and deploy rules and rulesets. The engine syntax, inspired by the Wireshark Display Filter language, is the same syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine in different products, allowing you to configure several products using the same basic syntax. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Ruleset struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RulesetSpec `json:"spec"` - Status RulesetStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.kind) || (has(self.initProvider) && has(self.initProvider.kind))",message="spec.forProvider.kind is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.phase) || (has(self.initProvider) && has(self.initProvider.phase))",message="spec.forProvider.phase is a required parameter" + Spec RulesetSpec `json:"spec"` + Status RulesetStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/spectrum/v1alpha1/zz_generated_terraformed.go b/apis/spectrum/v1alpha1/zz_application_terraformed.go similarity index 60% rename from apis/spectrum/v1alpha1/zz_generated_terraformed.go rename to apis/spectrum/v1alpha1/zz_application_terraformed.go index 9d05615..e0634f8 100755 --- a/apis/spectrum/v1alpha1/zz_generated_terraformed.go +++ b/apis/spectrum/v1alpha1/zz_application_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Application @@ -69,6 +74,46 @@ func (tr *Application) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Application +func (tr *Application) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Application +func (tr *Application) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Application using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Application) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/spectrum/v1alpha1/zz_application_types.go b/apis/spectrum/v1alpha1/zz_application_types.go index 9dc41f7..36de6a3 100755 --- a/apis/spectrum/v1alpha1/zz_application_types.go +++ b/apis/spectrum/v1alpha1/zz_application_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,58 +17,189 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ApplicationInitParameters struct { + + // . Enables Argo Smart Routing. Defaults to false. + // Defaults to `false`. + ArgoSmartRouting *bool `json:"argoSmartRouting,omitempty" tf:"argo_smart_routing,omitempty"` + + // The name and type of DNS record for the Spectrum application. Fields documented below. + DNS []DNSInitParameters `json:"dns,omitempty" tf:"dns,omitempty"` + + // . Choose which types of IP addresses will be provisioned for this subdomain. Valid values are: all, ipv4, ipv6. Defaults to all. + EdgeIPConnectivity *string `json:"edgeIpConnectivity,omitempty" tf:"edge_ip_connectivity,omitempty"` + + // . A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned. + // +listType=set + EdgeIps []*string `json:"edgeIps,omitempty" tf:"edge_ips,omitempty"` + + // Enables the IP Firewall for this application. Defaults to true. + // Defaults to `true`. + IPFirewall *bool `json:"ipFirewall,omitempty" tf:"ip_firewall,omitempty"` + + // A destination DNS addresses to the origin. Fields documented below. + OriginDNS []OriginDNSInitParameters `json:"originDns,omitempty" tf:"origin_dns,omitempty"` + + // A list of destination addresses to the origin. e.g. tcp://192.0.2.1:22. + OriginDirect []*string `json:"originDirect,omitempty" tf:"origin_direct,omitempty"` + + // If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. + // Conflicts with `origin_port_range`. + OriginPort *float64 `json:"originPort,omitempty" tf:"origin_port,omitempty"` + + // If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. + // Conflicts with `origin_port`. + OriginPortRange []OriginPortRangeInitParameters `json:"originPortRange,omitempty" tf:"origin_port_range,omitempty"` + + // The port configuration at Cloudflare’s edge. e.g. tcp/22. + Protocol *string `json:"protocol,omitempty" tf:"protocol,omitempty"` + + // Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. + // Defaults to `off`. + ProxyProtocol *string `json:"proxyProtocol,omitempty" tf:"proxy_protocol,omitempty"` + + // TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. + // Defaults to `off`. + TLS *string `json:"tls,omitempty" tf:"tls,omitempty"` + + // Sets application type. Valid values are: direct, http, https. Defaults to direct. + // Defaults to `direct`. + TrafficType *string `json:"trafficType,omitempty" tf:"traffic_type,omitempty"` + + // The DNS zone ID to add the application to + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type ApplicationObservation struct { + + // . Enables Argo Smart Routing. Defaults to false. + // Defaults to `false`. + ArgoSmartRouting *bool `json:"argoSmartRouting,omitempty" tf:"argo_smart_routing,omitempty"` + + // The name and type of DNS record for the Spectrum application. Fields documented below. + DNS []DNSObservation `json:"dns,omitempty" tf:"dns,omitempty"` + + // . Choose which types of IP addresses will be provisioned for this subdomain. Valid values are: all, ipv4, ipv6. Defaults to all. + EdgeIPConnectivity *string `json:"edgeIpConnectivity,omitempty" tf:"edge_ip_connectivity,omitempty"` + + // . A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned. + // +listType=set + EdgeIps []*string `json:"edgeIps,omitempty" tf:"edge_ips,omitempty"` + + // Unique identifier in the API for the spectrum application. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Enables the IP Firewall for this application. Defaults to true. + // Defaults to `true`. + IPFirewall *bool `json:"ipFirewall,omitempty" tf:"ip_firewall,omitempty"` + + // A destination DNS addresses to the origin. Fields documented below. + OriginDNS []OriginDNSObservation `json:"originDns,omitempty" tf:"origin_dns,omitempty"` + + // A list of destination addresses to the origin. e.g. tcp://192.0.2.1:22. + OriginDirect []*string `json:"originDirect,omitempty" tf:"origin_direct,omitempty"` + + // If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. + // Conflicts with `origin_port_range`. + OriginPort *float64 `json:"originPort,omitempty" tf:"origin_port,omitempty"` + + // If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. + // Conflicts with `origin_port`. + OriginPortRange []OriginPortRangeObservation `json:"originPortRange,omitempty" tf:"origin_port_range,omitempty"` + + // The port configuration at Cloudflare’s edge. e.g. tcp/22. + Protocol *string `json:"protocol,omitempty" tf:"protocol,omitempty"` + + // Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. + // Defaults to `off`. + ProxyProtocol *string `json:"proxyProtocol,omitempty" tf:"proxy_protocol,omitempty"` + + // TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. + // Defaults to `off`. + TLS *string `json:"tls,omitempty" tf:"tls,omitempty"` + + // Sets application type. Valid values are: direct, http, https. Defaults to direct. + // Defaults to `direct`. + TrafficType *string `json:"trafficType,omitempty" tf:"traffic_type,omitempty"` + + // The DNS zone ID to add the application to + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type ApplicationParameters struct { + // . Enables Argo Smart Routing. Defaults to false. // Defaults to `false`. // +kubebuilder:validation:Optional ArgoSmartRouting *bool `json:"argoSmartRouting,omitempty" tf:"argo_smart_routing,omitempty"` - // +kubebuilder:validation:Required - DNS []DNSParameters `json:"dns" tf:"dns,omitempty"` + // The name and type of DNS record for the Spectrum application. Fields documented below. + // +kubebuilder:validation:Optional + DNS []DNSParameters `json:"dns,omitempty" tf:"dns,omitempty"` + // . Choose which types of IP addresses will be provisioned for this subdomain. Valid values are: all, ipv4, ipv6. Defaults to all. // +kubebuilder:validation:Optional EdgeIPConnectivity *string `json:"edgeIpConnectivity,omitempty" tf:"edge_ip_connectivity,omitempty"` + // . A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned. // +kubebuilder:validation:Optional + // +listType=set EdgeIps []*string `json:"edgeIps,omitempty" tf:"edge_ips,omitempty"` + // Enables the IP Firewall for this application. Defaults to true. // Defaults to `true`. // +kubebuilder:validation:Optional IPFirewall *bool `json:"ipFirewall,omitempty" tf:"ip_firewall,omitempty"` + // A destination DNS addresses to the origin. Fields documented below. // +kubebuilder:validation:Optional OriginDNS []OriginDNSParameters `json:"originDns,omitempty" tf:"origin_dns,omitempty"` + // A list of destination addresses to the origin. e.g. tcp://192.0.2.1:22. // +kubebuilder:validation:Optional OriginDirect []*string `json:"originDirect,omitempty" tf:"origin_direct,omitempty"` + // If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. // Conflicts with `origin_port_range`. // +kubebuilder:validation:Optional OriginPort *float64 `json:"originPort,omitempty" tf:"origin_port,omitempty"` + // If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. // Conflicts with `origin_port`. // +kubebuilder:validation:Optional OriginPortRange []OriginPortRangeParameters `json:"originPortRange,omitempty" tf:"origin_port_range,omitempty"` - // +kubebuilder:validation:Required - Protocol *string `json:"protocol" tf:"protocol,omitempty"` + // The port configuration at Cloudflare’s edge. e.g. tcp/22. + // +kubebuilder:validation:Optional + Protocol *string `json:"protocol,omitempty" tf:"protocol,omitempty"` + // Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. // Defaults to `off`. // +kubebuilder:validation:Optional ProxyProtocol *string `json:"proxyProtocol,omitempty" tf:"proxy_protocol,omitempty"` + // TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. // Defaults to `off`. // +kubebuilder:validation:Optional TLS *string `json:"tls,omitempty" tf:"tls,omitempty"` + // Sets application type. Valid values are: direct, http, https. Defaults to direct. // Defaults to `direct`. // +kubebuilder:validation:Optional TrafficType *string `json:"trafficType,omitempty" tf:"traffic_type,omitempty"` + // The DNS zone ID to add the application to // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -79,36 +214,80 @@ type ApplicationParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type DNSInitParameters struct { + + // The name of the DNS record associated with the application.i.e. ssh.example.com. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The type of DNS record associated with the application. Valid values: CNAME. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type DNSObservation struct { + + // The name of the DNS record associated with the application.i.e. ssh.example.com. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The type of DNS record associated with the application. Valid values: CNAME. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type DNSParameters struct { - // +kubebuilder:validation:Required + // The name of the DNS record associated with the application.i.e. ssh.example.com. + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` - // +kubebuilder:validation:Required + // The type of DNS record associated with the application. Valid values: CNAME. + // +kubebuilder:validation:Optional Type *string `json:"type" tf:"type,omitempty"` } +type OriginDNSInitParameters struct { + + // The name of the DNS record associated with the application.i.e. ssh.example.com. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type OriginDNSObservation struct { + + // The name of the DNS record associated with the application.i.e. ssh.example.com. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type OriginDNSParameters struct { - // +kubebuilder:validation:Required + // The name of the DNS record associated with the application.i.e. ssh.example.com. + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` } +type OriginPortRangeInitParameters struct { + + // Upper bound of the origin port range, e.g. 2000 + End *float64 `json:"end,omitempty" tf:"end,omitempty"` + + // Lower bound of the origin port range, e.g. 1000 + Start *float64 `json:"start,omitempty" tf:"start,omitempty"` +} + type OriginPortRangeObservation struct { + + // Upper bound of the origin port range, e.g. 2000 + End *float64 `json:"end,omitempty" tf:"end,omitempty"` + + // Lower bound of the origin port range, e.g. 1000 + Start *float64 `json:"start,omitempty" tf:"start,omitempty"` } type OriginPortRangeParameters struct { - // +kubebuilder:validation:Required + // Upper bound of the origin port range, e.g. 2000 + // +kubebuilder:validation:Optional End *float64 `json:"end" tf:"end,omitempty"` - // +kubebuilder:validation:Required + // Lower bound of the origin port range, e.g. 1000 + // +kubebuilder:validation:Optional Start *float64 `json:"start" tf:"start,omitempty"` } @@ -116,6 +295,17 @@ type OriginPortRangeParameters struct { type ApplicationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ApplicationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ApplicationInitParameters `json:"initProvider,omitempty"` } // ApplicationStatus defines the observed state of Application. @@ -125,19 +315,22 @@ type ApplicationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Application is the Schema for the Applications API. +// Application is the Schema for the Applications API. Provides a Cloudflare Spectrum Application resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Application struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ApplicationSpec `json:"spec"` - Status ApplicationStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.dns) || (has(self.initProvider) && has(self.initProvider.dns))",message="spec.forProvider.dns is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.protocol) || (has(self.initProvider) && has(self.initProvider.protocol))",message="spec.forProvider.protocol is a required parameter" + Spec ApplicationSpec `json:"spec"` + Status ApplicationStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/spectrum/v1alpha1/zz_generated.conversion_hubs.go b/apis/spectrum/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..be696b0 --- /dev/null +++ b/apis/spectrum/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Application) Hub() {} diff --git a/apis/spectrum/v1alpha1/zz_generated.deepcopy.go b/apis/spectrum/v1alpha1/zz_generated.deepcopy.go index d054bac..a97553d 100644 --- a/apis/spectrum/v1alpha1/zz_generated.deepcopy.go +++ b/apis/spectrum/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,119 @@ func (in *Application) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApplicationInitParameters) DeepCopyInto(out *ApplicationInitParameters) { + *out = *in + if in.ArgoSmartRouting != nil { + in, out := &in.ArgoSmartRouting, &out.ArgoSmartRouting + *out = new(bool) + **out = **in + } + if in.DNS != nil { + in, out := &in.DNS, &out.DNS + *out = make([]DNSInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.EdgeIPConnectivity != nil { + in, out := &in.EdgeIPConnectivity, &out.EdgeIPConnectivity + *out = new(string) + **out = **in + } + if in.EdgeIps != nil { + in, out := &in.EdgeIps, &out.EdgeIps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IPFirewall != nil { + in, out := &in.IPFirewall, &out.IPFirewall + *out = new(bool) + **out = **in + } + if in.OriginDNS != nil { + in, out := &in.OriginDNS, &out.OriginDNS + *out = make([]OriginDNSInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginDirect != nil { + in, out := &in.OriginDirect, &out.OriginDirect + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.OriginPort != nil { + in, out := &in.OriginPort, &out.OriginPort + *out = new(float64) + **out = **in + } + if in.OriginPortRange != nil { + in, out := &in.OriginPortRange, &out.OriginPortRange + *out = make([]OriginPortRangeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(string) + **out = **in + } + if in.ProxyProtocol != nil { + in, out := &in.ProxyProtocol, &out.ProxyProtocol + *out = new(string) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(string) + **out = **in + } + if in.TrafficType != nil { + in, out := &in.TrafficType, &out.TrafficType + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationInitParameters. +func (in *ApplicationInitParameters) DeepCopy() *ApplicationInitParameters { + if in == nil { + return nil + } + out := new(ApplicationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationList) DeepCopyInto(out *ApplicationList) { *out = *in @@ -76,11 +188,99 @@ func (in *ApplicationList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationObservation) DeepCopyInto(out *ApplicationObservation) { *out = *in + if in.ArgoSmartRouting != nil { + in, out := &in.ArgoSmartRouting, &out.ArgoSmartRouting + *out = new(bool) + **out = **in + } + if in.DNS != nil { + in, out := &in.DNS, &out.DNS + *out = make([]DNSObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.EdgeIPConnectivity != nil { + in, out := &in.EdgeIPConnectivity, &out.EdgeIPConnectivity + *out = new(string) + **out = **in + } + if in.EdgeIps != nil { + in, out := &in.EdgeIps, &out.EdgeIps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.IPFirewall != nil { + in, out := &in.IPFirewall, &out.IPFirewall + *out = new(bool) + **out = **in + } + if in.OriginDNS != nil { + in, out := &in.OriginDNS, &out.OriginDNS + *out = make([]OriginDNSObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OriginDirect != nil { + in, out := &in.OriginDirect, &out.OriginDirect + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.OriginPort != nil { + in, out := &in.OriginPort, &out.OriginPort + *out = new(float64) + **out = **in + } + if in.OriginPortRange != nil { + in, out := &in.OriginPortRange, &out.OriginPortRange + *out = make([]OriginPortRangeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(string) + **out = **in + } + if in.ProxyProtocol != nil { + in, out := &in.ProxyProtocol, &out.ProxyProtocol + *out = new(string) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(string) + **out = **in + } + if in.TrafficType != nil { + in, out := &in.TrafficType, &out.TrafficType + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationObservation. @@ -211,6 +411,7 @@ func (in *ApplicationSpec) DeepCopyInto(out *ApplicationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationSpec. @@ -240,9 +441,44 @@ func (in *ApplicationStatus) DeepCopy() *ApplicationStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DNSInitParameters) DeepCopyInto(out *DNSInitParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSInitParameters. +func (in *DNSInitParameters) DeepCopy() *DNSInitParameters { + if in == nil { + return nil + } + out := new(DNSInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSObservation) DeepCopyInto(out *DNSObservation) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSObservation. @@ -280,9 +516,34 @@ func (in *DNSParameters) DeepCopy() *DNSParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginDNSInitParameters) DeepCopyInto(out *OriginDNSInitParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginDNSInitParameters. +func (in *OriginDNSInitParameters) DeepCopy() *OriginDNSInitParameters { + if in == nil { + return nil + } + out := new(OriginDNSInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OriginDNSObservation) DeepCopyInto(out *OriginDNSObservation) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginDNSObservation. @@ -315,9 +576,44 @@ func (in *OriginDNSParameters) DeepCopy() *OriginDNSParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginPortRangeInitParameters) DeepCopyInto(out *OriginPortRangeInitParameters) { + *out = *in + if in.End != nil { + in, out := &in.End, &out.End + *out = new(float64) + **out = **in + } + if in.Start != nil { + in, out := &in.Start, &out.Start + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginPortRangeInitParameters. +func (in *OriginPortRangeInitParameters) DeepCopy() *OriginPortRangeInitParameters { + if in == nil { + return nil + } + out := new(OriginPortRangeInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OriginPortRangeObservation) DeepCopyInto(out *OriginPortRangeObservation) { *out = *in + if in.End != nil { + in, out := &in.End, &out.End + *out = new(float64) + **out = **in + } + if in.Start != nil { + in, out := &in.Start, &out.Start + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginPortRangeObservation. diff --git a/apis/spectrum/v1alpha1/zz_generated.managed.go b/apis/spectrum/v1alpha1/zz_generated.managed.go index 3af64c6..1f8c5b5 100644 --- a/apis/spectrum/v1alpha1/zz_generated.managed.go +++ b/apis/spectrum/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Application) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Application. +func (mg *Application) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Application. func (mg *Application) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Application. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Application) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Application. func (mg *Application) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Application) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Application. +func (mg *Application) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Application. func (mg *Application) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Application. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Application) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Application. func (mg *Application) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/spectrum/v1alpha1/zz_generated.resolvers.go b/apis/spectrum/v1alpha1/zz_generated.resolvers.go index bfb76dc..58070a9 100644 --- a/apis/spectrum/v1alpha1/zz_generated.resolvers.go +++ b/apis/spectrum/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Application) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/spectrum/v1alpha1/zz_groupversion_info.go b/apis/spectrum/v1alpha1/zz_groupversion_info.go index 3ffd693..13b1d8e 100755 --- a/apis/spectrum/v1alpha1/zz_groupversion_info.go +++ b/apis/spectrum/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/teams/v1alpha1/zz_account_terraformed.go b/apis/teams/v1alpha1/zz_account_terraformed.go new file mode 100755 index 0000000..288d486 --- /dev/null +++ b/apis/teams/v1alpha1/zz_account_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Account +func (mg *Account) GetTerraformResourceType() string { + return "cloudflare_teams_account" +} + +// GetConnectionDetailsMapping for this Account +func (tr *Account) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Account +func (tr *Account) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Account +func (tr *Account) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Account +func (tr *Account) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Account +func (tr *Account) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Account +func (tr *Account) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Account +func (tr *Account) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Account +func (tr *Account) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Account using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Account) LateInitialize(attrs []byte) (bool, error) { + params := &AccountParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Account) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/teams/v1alpha1/zz_account_types.go b/apis/teams/v1alpha1/zz_account_types.go index 396009a..20257e9 100755 --- a/apis/teams/v1alpha1/zz_account_types.go +++ b/apis/teams/v1alpha1/zz_account_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,80 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AccountInitParameters struct { + + // The account to which the teams location should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Indicator of enablement. + ActivityLogEnabled *bool `json:"activityLogEnabled,omitempty" tf:"activity_log_enabled,omitempty"` + + // Configuration block for antivirus traffic scanning. + Antivirus []AntivirusInitParameters `json:"antivirus,omitempty" tf:"antivirus,omitempty"` + + // Configuration for a custom block page. + BlockPage []BlockPageInitParameters `json:"blockPage,omitempty" tf:"block_page,omitempty"` + + // Configure compliance with Federal Information Processing Standards. + Fips []FipsInitParameters `json:"fips,omitempty" tf:"fips,omitempty"` + + Logging []LoggingInitParameters `json:"logging,omitempty" tf:"logging,omitempty"` + + // Configuration block for specifying which protocols are proxied. + Proxy []ProxyInitParameters `json:"proxy,omitempty" tf:"proxy,omitempty"` + + // Indicator that decryption of TLS traffic is enabled. + TLSDecryptEnabled *bool `json:"tlsDecryptEnabled,omitempty" tf:"tls_decrypt_enabled,omitempty"` + + // Safely browse websites in Browser Isolation through a URL. + URLBrowserIsolationEnabled *bool `json:"urlBrowserIsolationEnabled,omitempty" tf:"url_browser_isolation_enabled,omitempty"` +} + type AccountObservation struct { + + // The account to which the teams location should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Indicator of enablement. + ActivityLogEnabled *bool `json:"activityLogEnabled,omitempty" tf:"activity_log_enabled,omitempty"` + + // Configuration block for antivirus traffic scanning. + Antivirus []AntivirusObservation `json:"antivirus,omitempty" tf:"antivirus,omitempty"` + + // Configuration for a custom block page. + BlockPage []BlockPageObservation `json:"blockPage,omitempty" tf:"block_page,omitempty"` + + // Configure compliance with Federal Information Processing Standards. + Fips []FipsObservation `json:"fips,omitempty" tf:"fips,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Logging []LoggingObservation `json:"logging,omitempty" tf:"logging,omitempty"` + + // Configuration block for specifying which protocols are proxied. + Proxy []ProxyObservation `json:"proxy,omitempty" tf:"proxy,omitempty"` + + // Indicator that decryption of TLS traffic is enabled. + TLSDecryptEnabled *bool `json:"tlsDecryptEnabled,omitempty" tf:"tls_decrypt_enabled,omitempty"` + + // Safely browse websites in Browser Isolation through a URL. + URLBrowserIsolationEnabled *bool `json:"urlBrowserIsolationEnabled,omitempty" tf:"url_browser_isolation_enabled,omitempty"` } type AccountParameters struct { + // The account to which the teams location should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,151 +104,317 @@ type AccountParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Indicator of enablement. // +kubebuilder:validation:Optional ActivityLogEnabled *bool `json:"activityLogEnabled,omitempty" tf:"activity_log_enabled,omitempty"` + // Configuration block for antivirus traffic scanning. // +kubebuilder:validation:Optional Antivirus []AntivirusParameters `json:"antivirus,omitempty" tf:"antivirus,omitempty"` + // Configuration for a custom block page. // +kubebuilder:validation:Optional BlockPage []BlockPageParameters `json:"blockPage,omitempty" tf:"block_page,omitempty"` + // Configure compliance with Federal Information Processing Standards. // +kubebuilder:validation:Optional Fips []FipsParameters `json:"fips,omitempty" tf:"fips,omitempty"` // +kubebuilder:validation:Optional Logging []LoggingParameters `json:"logging,omitempty" tf:"logging,omitempty"` + // Configuration block for specifying which protocols are proxied. // +kubebuilder:validation:Optional Proxy []ProxyParameters `json:"proxy,omitempty" tf:"proxy,omitempty"` + // Indicator that decryption of TLS traffic is enabled. // +kubebuilder:validation:Optional TLSDecryptEnabled *bool `json:"tlsDecryptEnabled,omitempty" tf:"tls_decrypt_enabled,omitempty"` + // Safely browse websites in Browser Isolation through a URL. // +kubebuilder:validation:Optional URLBrowserIsolationEnabled *bool `json:"urlBrowserIsolationEnabled,omitempty" tf:"url_browser_isolation_enabled,omitempty"` } +type AntivirusInitParameters struct { + + // Scan on file download. + EnabledDownloadPhase *bool `json:"enabledDownloadPhase,omitempty" tf:"enabled_download_phase,omitempty"` + + // Scan on file upload. + EnabledUploadPhase *bool `json:"enabledUploadPhase,omitempty" tf:"enabled_upload_phase,omitempty"` + + // Block requests for files that cannot be scanned. + FailClosed *bool `json:"failClosed,omitempty" tf:"fail_closed,omitempty"` +} + type AntivirusObservation struct { + + // Scan on file download. + EnabledDownloadPhase *bool `json:"enabledDownloadPhase,omitempty" tf:"enabled_download_phase,omitempty"` + + // Scan on file upload. + EnabledUploadPhase *bool `json:"enabledUploadPhase,omitempty" tf:"enabled_upload_phase,omitempty"` + + // Block requests for files that cannot be scanned. + FailClosed *bool `json:"failClosed,omitempty" tf:"fail_closed,omitempty"` } type AntivirusParameters struct { - // +kubebuilder:validation:Required + // Scan on file download. + // +kubebuilder:validation:Optional EnabledDownloadPhase *bool `json:"enabledDownloadPhase" tf:"enabled_download_phase,omitempty"` - // +kubebuilder:validation:Required + // Scan on file upload. + // +kubebuilder:validation:Optional EnabledUploadPhase *bool `json:"enabledUploadPhase" tf:"enabled_upload_phase,omitempty"` - // +kubebuilder:validation:Required + // Block requests for files that cannot be scanned. + // +kubebuilder:validation:Optional FailClosed *bool `json:"failClosed" tf:"fail_closed,omitempty"` } +type BlockPageInitParameters struct { + + // Hex code of block page background color. + BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + + // Indicator of enablement. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Block page header text. + FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + + // Block page footer text. + HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + + // URL of block page logo. + LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + + // Name of block page configuration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type BlockPageObservation struct { + + // Hex code of block page background color. + BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + + // Indicator of enablement. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Block page header text. + FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + + // Block page footer text. + HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + + // URL of block page logo. + LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + + // Name of block page configuration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type BlockPageParameters struct { + // Hex code of block page background color. // +kubebuilder:validation:Optional BackgroundColor *string `json:"backgroundColor,omitempty" tf:"background_color,omitempty"` + // Indicator of enablement. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // Block page header text. // +kubebuilder:validation:Optional FooterText *string `json:"footerText,omitempty" tf:"footer_text,omitempty"` + // Block page footer text. // +kubebuilder:validation:Optional HeaderText *string `json:"headerText,omitempty" tf:"header_text,omitempty"` + // URL of block page logo. // +kubebuilder:validation:Optional LogoPath *string `json:"logoPath,omitempty" tf:"logo_path,omitempty"` + // Name of block page configuration. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` } +type DNSInitParameters struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` +} + type DNSObservation struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` } type DNSParameters struct { - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogAll *bool `json:"logAll" tf:"log_all,omitempty"` - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogBlocks *bool `json:"logBlocks" tf:"log_blocks,omitempty"` } +type FipsInitParameters struct { + + // Only allow FIPS-compliant TLS configuration. + TLS *bool `json:"tls,omitempty" tf:"tls,omitempty"` +} + type FipsObservation struct { + + // Only allow FIPS-compliant TLS configuration. + TLS *bool `json:"tls,omitempty" tf:"tls,omitempty"` } type FipsParameters struct { + // Only allow FIPS-compliant TLS configuration. // +kubebuilder:validation:Optional TLS *bool `json:"tls,omitempty" tf:"tls,omitempty"` } +type HTTPInitParameters struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` +} + type HTTPObservation struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` } type HTTPParameters struct { - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogAll *bool `json:"logAll" tf:"log_all,omitempty"` - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogBlocks *bool `json:"logBlocks" tf:"log_blocks,omitempty"` } +type L4InitParameters struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` +} + type L4Observation struct { + LogAll *bool `json:"logAll,omitempty" tf:"log_all,omitempty"` + + LogBlocks *bool `json:"logBlocks,omitempty" tf:"log_blocks,omitempty"` } type L4Parameters struct { - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogAll *bool `json:"logAll" tf:"log_all,omitempty"` - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional LogBlocks *bool `json:"logBlocks" tf:"log_blocks,omitempty"` } +type LoggingInitParameters struct { + + // Redact personally identifiable information from activity logging (PII fields are: source IP, + // user email, user ID, device ID, URL, referrer, user agent). + RedactPii *bool `json:"redactPii,omitempty" tf:"redact_pii,omitempty"` + + // Represents whether all requests are logged or only the blocked requests are + // logged in DNS, HTTP and L4 filters. + SettingsByRuleType []SettingsByRuleTypeInitParameters `json:"settingsByRuleType,omitempty" tf:"settings_by_rule_type,omitempty"` +} + type LoggingObservation struct { + + // Redact personally identifiable information from activity logging (PII fields are: source IP, + // user email, user ID, device ID, URL, referrer, user agent). + RedactPii *bool `json:"redactPii,omitempty" tf:"redact_pii,omitempty"` + + // Represents whether all requests are logged or only the blocked requests are + // logged in DNS, HTTP and L4 filters. + SettingsByRuleType []SettingsByRuleTypeObservation `json:"settingsByRuleType,omitempty" tf:"settings_by_rule_type,omitempty"` } type LoggingParameters struct { - // +kubebuilder:validation:Required + // Redact personally identifiable information from activity logging (PII fields are: source IP, + // user email, user ID, device ID, URL, referrer, user agent). + // +kubebuilder:validation:Optional RedactPii *bool `json:"redactPii" tf:"redact_pii,omitempty"` - // +kubebuilder:validation:Required + // Represents whether all requests are logged or only the blocked requests are + // logged in DNS, HTTP and L4 filters. + // +kubebuilder:validation:Optional SettingsByRuleType []SettingsByRuleTypeParameters `json:"settingsByRuleType" tf:"settings_by_rule_type,omitempty"` } +type ProxyInitParameters struct { + + // Whether gateway proxy is enabled on gateway devices for tcp traffic. + TCP *bool `json:"tcp,omitempty" tf:"tcp,omitempty"` + + // Whether gateway proxy is enabled on gateway devices for udp traffic. + UDP *bool `json:"udp,omitempty" tf:"udp,omitempty"` +} + type ProxyObservation struct { + + // Whether gateway proxy is enabled on gateway devices for tcp traffic. + TCP *bool `json:"tcp,omitempty" tf:"tcp,omitempty"` + + // Whether gateway proxy is enabled on gateway devices for udp traffic. + UDP *bool `json:"udp,omitempty" tf:"udp,omitempty"` } type ProxyParameters struct { - // +kubebuilder:validation:Required + // Whether gateway proxy is enabled on gateway devices for tcp traffic. + // +kubebuilder:validation:Optional TCP *bool `json:"tcp" tf:"tcp,omitempty"` - // +kubebuilder:validation:Required + // Whether gateway proxy is enabled on gateway devices for udp traffic. + // +kubebuilder:validation:Optional UDP *bool `json:"udp" tf:"udp,omitempty"` } +type SettingsByRuleTypeInitParameters struct { + DNS []DNSInitParameters `json:"dns,omitempty" tf:"dns,omitempty"` + + HTTP []HTTPInitParameters `json:"http,omitempty" tf:"http,omitempty"` + + L4 []L4InitParameters `json:"l4,omitempty" tf:"l4,omitempty"` +} + type SettingsByRuleTypeObservation struct { + DNS []DNSObservation `json:"dns,omitempty" tf:"dns,omitempty"` + + HTTP []HTTPObservation `json:"http,omitempty" tf:"http,omitempty"` + + L4 []L4Observation `json:"l4,omitempty" tf:"l4,omitempty"` } type SettingsByRuleTypeParameters struct { - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional DNS []DNSParameters `json:"dns" tf:"dns,omitempty"` - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional HTTP []HTTPParameters `json:"http" tf:"http,omitempty"` - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional L4 []L4Parameters `json:"l4" tf:"l4,omitempty"` } @@ -184,6 +422,17 @@ type SettingsByRuleTypeParameters struct { type AccountSpec struct { v1.ResourceSpec `json:",inline"` ForProvider AccountParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider AccountInitParameters `json:"initProvider,omitempty"` } // AccountStatus defines the observed state of Account. @@ -193,13 +442,14 @@ type AccountStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Account is the Schema for the Accounts API. +// Account is the Schema for the Accounts API. Provides a Cloudflare Teams Account resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Account struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/teams/v1alpha1/zz_generated.conversion_hubs.go b/apis/teams/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..60f3e3c --- /dev/null +++ b/apis/teams/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,26 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Account) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *List) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Location) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *ProxyEndpoint) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} diff --git a/apis/teams/v1alpha1/zz_generated.deepcopy.go b/apis/teams/v1alpha1/zz_generated.deepcopy.go index e41c60d..a1731df 100644 --- a/apis/teams/v1alpha1/zz_generated.deepcopy.go +++ b/apis/teams/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,86 @@ func (in *Account) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccountInitParameters) DeepCopyInto(out *AccountInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ActivityLogEnabled != nil { + in, out := &in.ActivityLogEnabled, &out.ActivityLogEnabled + *out = new(bool) + **out = **in + } + if in.Antivirus != nil { + in, out := &in.Antivirus, &out.Antivirus + *out = make([]AntivirusInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BlockPage != nil { + in, out := &in.BlockPage, &out.BlockPage + *out = make([]BlockPageInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Fips != nil { + in, out := &in.Fips, &out.Fips + *out = make([]FipsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Logging != nil { + in, out := &in.Logging, &out.Logging + *out = make([]LoggingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Proxy != nil { + in, out := &in.Proxy, &out.Proxy + *out = make([]ProxyInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TLSDecryptEnabled != nil { + in, out := &in.TLSDecryptEnabled, &out.TLSDecryptEnabled + *out = new(bool) + **out = **in + } + if in.URLBrowserIsolationEnabled != nil { + in, out := &in.URLBrowserIsolationEnabled, &out.URLBrowserIsolationEnabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountInitParameters. +func (in *AccountInitParameters) DeepCopy() *AccountInitParameters { + if in == nil { + return nil + } + out := new(AccountInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccountList) DeepCopyInto(out *AccountList) { *out = *in @@ -76,11 +155,66 @@ func (in *AccountList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccountObservation) DeepCopyInto(out *AccountObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.ActivityLogEnabled != nil { + in, out := &in.ActivityLogEnabled, &out.ActivityLogEnabled + *out = new(bool) + **out = **in + } + if in.Antivirus != nil { + in, out := &in.Antivirus, &out.Antivirus + *out = make([]AntivirusObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BlockPage != nil { + in, out := &in.BlockPage, &out.BlockPage + *out = make([]BlockPageObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Fips != nil { + in, out := &in.Fips, &out.Fips + *out = make([]FipsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Logging != nil { + in, out := &in.Logging, &out.Logging + *out = make([]LoggingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Proxy != nil { + in, out := &in.Proxy, &out.Proxy + *out = make([]ProxyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TLSDecryptEnabled != nil { + in, out := &in.TLSDecryptEnabled, &out.TLSDecryptEnabled + *out = new(bool) + **out = **in + } + if in.URLBrowserIsolationEnabled != nil { + in, out := &in.URLBrowserIsolationEnabled, &out.URLBrowserIsolationEnabled + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountObservation. @@ -178,6 +312,7 @@ func (in *AccountSpec) DeepCopyInto(out *AccountSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountSpec. @@ -207,9 +342,54 @@ func (in *AccountStatus) DeepCopy() *AccountStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AntivirusInitParameters) DeepCopyInto(out *AntivirusInitParameters) { + *out = *in + if in.EnabledDownloadPhase != nil { + in, out := &in.EnabledDownloadPhase, &out.EnabledDownloadPhase + *out = new(bool) + **out = **in + } + if in.EnabledUploadPhase != nil { + in, out := &in.EnabledUploadPhase, &out.EnabledUploadPhase + *out = new(bool) + **out = **in + } + if in.FailClosed != nil { + in, out := &in.FailClosed, &out.FailClosed + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntivirusInitParameters. +func (in *AntivirusInitParameters) DeepCopy() *AntivirusInitParameters { + if in == nil { + return nil + } + out := new(AntivirusInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AntivirusObservation) DeepCopyInto(out *AntivirusObservation) { *out = *in + if in.EnabledDownloadPhase != nil { + in, out := &in.EnabledDownloadPhase, &out.EnabledDownloadPhase + *out = new(bool) + **out = **in + } + if in.EnabledUploadPhase != nil { + in, out := &in.EnabledUploadPhase, &out.EnabledUploadPhase + *out = new(bool) + **out = **in + } + if in.FailClosed != nil { + in, out := &in.FailClosed, &out.FailClosed + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntivirusObservation. @@ -253,22 +433,47 @@ func (in *AntivirusParameters) DeepCopy() *AntivirusParameters { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BisoAdminControlsObservation) DeepCopyInto(out *BisoAdminControlsObservation) { +func (in *BisoAdminControlsInitParameters) DeepCopyInto(out *BisoAdminControlsInitParameters) { *out = *in + if in.DisableCopyPaste != nil { + in, out := &in.DisableCopyPaste, &out.DisableCopyPaste + *out = new(bool) + **out = **in + } + if in.DisableDownload != nil { + in, out := &in.DisableDownload, &out.DisableDownload + *out = new(bool) + **out = **in + } + if in.DisableKeyboard != nil { + in, out := &in.DisableKeyboard, &out.DisableKeyboard + *out = new(bool) + **out = **in + } + if in.DisablePrinting != nil { + in, out := &in.DisablePrinting, &out.DisablePrinting + *out = new(bool) + **out = **in + } + if in.DisableUpload != nil { + in, out := &in.DisableUpload, &out.DisableUpload + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BisoAdminControlsObservation. -func (in *BisoAdminControlsObservation) DeepCopy() *BisoAdminControlsObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BisoAdminControlsInitParameters. +func (in *BisoAdminControlsInitParameters) DeepCopy() *BisoAdminControlsInitParameters { if in == nil { return nil } - out := new(BisoAdminControlsObservation) + out := new(BisoAdminControlsInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BisoAdminControlsParameters) DeepCopyInto(out *BisoAdminControlsParameters) { +func (in *BisoAdminControlsObservation) DeepCopyInto(out *BisoAdminControlsObservation) { *out = *in if in.DisableCopyPaste != nil { in, out := &in.DisableCopyPaste, &out.DisableCopyPaste @@ -297,33 +502,58 @@ func (in *BisoAdminControlsParameters) DeepCopyInto(out *BisoAdminControlsParame } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BisoAdminControlsParameters. -func (in *BisoAdminControlsParameters) DeepCopy() *BisoAdminControlsParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BisoAdminControlsObservation. +func (in *BisoAdminControlsObservation) DeepCopy() *BisoAdminControlsObservation { if in == nil { return nil } - out := new(BisoAdminControlsParameters) + out := new(BisoAdminControlsObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BlockPageObservation) DeepCopyInto(out *BlockPageObservation) { +func (in *BisoAdminControlsParameters) DeepCopyInto(out *BisoAdminControlsParameters) { *out = *in + if in.DisableCopyPaste != nil { + in, out := &in.DisableCopyPaste, &out.DisableCopyPaste + *out = new(bool) + **out = **in + } + if in.DisableDownload != nil { + in, out := &in.DisableDownload, &out.DisableDownload + *out = new(bool) + **out = **in + } + if in.DisableKeyboard != nil { + in, out := &in.DisableKeyboard, &out.DisableKeyboard + *out = new(bool) + **out = **in + } + if in.DisablePrinting != nil { + in, out := &in.DisablePrinting, &out.DisablePrinting + *out = new(bool) + **out = **in + } + if in.DisableUpload != nil { + in, out := &in.DisableUpload, &out.DisableUpload + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockPageObservation. -func (in *BlockPageObservation) DeepCopy() *BlockPageObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BisoAdminControlsParameters. +func (in *BisoAdminControlsParameters) DeepCopy() *BisoAdminControlsParameters { if in == nil { return nil } - out := new(BlockPageObservation) + out := new(BisoAdminControlsParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BlockPageParameters) DeepCopyInto(out *BlockPageParameters) { +func (in *BlockPageInitParameters) DeepCopyInto(out *BlockPageInitParameters) { *out = *in if in.BackgroundColor != nil { in, out := &in.BackgroundColor, &out.BackgroundColor @@ -357,34 +587,159 @@ func (in *BlockPageParameters) DeepCopyInto(out *BlockPageParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockPageParameters. -func (in *BlockPageParameters) DeepCopy() *BlockPageParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockPageInitParameters. +func (in *BlockPageInitParameters) DeepCopy() *BlockPageInitParameters { if in == nil { return nil } - out := new(BlockPageParameters) + out := new(BlockPageInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CheckSessionObservation) DeepCopyInto(out *CheckSessionObservation) { +func (in *BlockPageObservation) DeepCopyInto(out *BlockPageObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CheckSessionObservation. -func (in *CheckSessionObservation) DeepCopy() *CheckSessionObservation { - if in == nil { - return nil + if in.BackgroundColor != nil { + in, out := &in.BackgroundColor, &out.BackgroundColor + *out = new(string) + **out = **in } - out := new(CheckSessionObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CheckSessionParameters) DeepCopyInto(out *CheckSessionParameters) { - *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.FooterText != nil { + in, out := &in.FooterText, &out.FooterText + *out = new(string) + **out = **in + } + if in.HeaderText != nil { + in, out := &in.HeaderText, &out.HeaderText + *out = new(string) + **out = **in + } + if in.LogoPath != nil { + in, out := &in.LogoPath, &out.LogoPath + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockPageObservation. +func (in *BlockPageObservation) DeepCopy() *BlockPageObservation { + if in == nil { + return nil + } + out := new(BlockPageObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BlockPageParameters) DeepCopyInto(out *BlockPageParameters) { + *out = *in + if in.BackgroundColor != nil { + in, out := &in.BackgroundColor, &out.BackgroundColor + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.FooterText != nil { + in, out := &in.FooterText, &out.FooterText + *out = new(string) + **out = **in + } + if in.HeaderText != nil { + in, out := &in.HeaderText, &out.HeaderText + *out = new(string) + **out = **in + } + if in.LogoPath != nil { + in, out := &in.LogoPath, &out.LogoPath + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BlockPageParameters. +func (in *BlockPageParameters) DeepCopy() *BlockPageParameters { + if in == nil { + return nil + } + out := new(BlockPageParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CheckSessionInitParameters) DeepCopyInto(out *CheckSessionInitParameters) { + *out = *in + if in.Duration != nil { + in, out := &in.Duration, &out.Duration + *out = new(string) + **out = **in + } + if in.Enforce != nil { + in, out := &in.Enforce, &out.Enforce + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CheckSessionInitParameters. +func (in *CheckSessionInitParameters) DeepCopy() *CheckSessionInitParameters { + if in == nil { + return nil + } + out := new(CheckSessionInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CheckSessionObservation) DeepCopyInto(out *CheckSessionObservation) { + *out = *in + if in.Duration != nil { + in, out := &in.Duration, &out.Duration + *out = new(string) + **out = **in + } + if in.Enforce != nil { + in, out := &in.Enforce, &out.Enforce + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CheckSessionObservation. +func (in *CheckSessionObservation) DeepCopy() *CheckSessionObservation { + if in == nil { + return nil + } + out := new(CheckSessionObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CheckSessionParameters) DeepCopyInto(out *CheckSessionParameters) { + *out = *in if in.Duration != nil { in, out := &in.Duration, &out.Duration *out = new(string) @@ -407,9 +762,44 @@ func (in *CheckSessionParameters) DeepCopy() *CheckSessionParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DNSInitParameters) DeepCopyInto(out *DNSInitParameters) { + *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSInitParameters. +func (in *DNSInitParameters) DeepCopy() *DNSInitParameters { + if in == nil { + return nil + } + out := new(DNSInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSObservation) DeepCopyInto(out *DNSObservation) { *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSObservation. @@ -447,9 +837,34 @@ func (in *DNSParameters) DeepCopy() *DNSParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FipsInitParameters) DeepCopyInto(out *FipsInitParameters) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FipsInitParameters. +func (in *FipsInitParameters) DeepCopy() *FipsInitParameters { + if in == nil { + return nil + } + out := new(FipsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FipsObservation) DeepCopyInto(out *FipsObservation) { *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FipsObservation. @@ -482,9 +897,44 @@ func (in *FipsParameters) DeepCopy() *FipsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPInitParameters) DeepCopyInto(out *HTTPInitParameters) { + *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPInitParameters. +func (in *HTTPInitParameters) DeepCopy() *HTTPInitParameters { + if in == nil { + return nil + } + out := new(HTTPInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPObservation) DeepCopyInto(out *HTTPObservation) { *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPObservation. @@ -522,9 +972,44 @@ func (in *HTTPParameters) DeepCopy() *HTTPParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *L4InitParameters) DeepCopyInto(out *L4InitParameters) { + *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new L4InitParameters. +func (in *L4InitParameters) DeepCopy() *L4InitParameters { + if in == nil { + return nil + } + out := new(L4InitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *L4Observation) DeepCopyInto(out *L4Observation) { *out = *in + if in.LogAll != nil { + in, out := &in.LogAll, &out.LogAll + *out = new(bool) + **out = **in + } + if in.LogBlocks != nil { + in, out := &in.LogBlocks, &out.LogBlocks + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new L4Observation. @@ -537,9 +1022,44 @@ func (in *L4Observation) DeepCopy() *L4Observation { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *L4OverrideInitParameters) DeepCopyInto(out *L4OverrideInitParameters) { + *out = *in + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new L4OverrideInitParameters. +func (in *L4OverrideInitParameters) DeepCopy() *L4OverrideInitParameters { + if in == nil { + return nil + } + out := new(L4OverrideInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *L4OverrideObservation) DeepCopyInto(out *L4OverrideObservation) { *out = *in + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new L4OverrideObservation. @@ -629,6 +1149,62 @@ func (in *List) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListInitParameters) DeepCopyInto(out *ListInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListInitParameters. +func (in *ListInitParameters) DeepCopy() *ListInitParameters { + if in == nil { + return nil + } + out := new(ListInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListList) DeepCopyInto(out *ListList) { *out = *in @@ -664,11 +1240,42 @@ func (in *ListList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListObservation) DeepCopyInto(out *ListObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListObservation. @@ -742,6 +1349,7 @@ func (in *ListSpec) DeepCopyInto(out *ListSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListSpec. @@ -798,6 +1406,53 @@ func (in *Location) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationInitParameters) DeepCopyInto(out *LocationInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ClientDefault != nil { + in, out := &in.ClientDefault, &out.ClientDefault + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Networks != nil { + in, out := &in.Networks, &out.Networks + *out = make([]NetworksInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationInitParameters. +func (in *LocationInitParameters) DeepCopy() *LocationInitParameters { + if in == nil { + return nil + } + out := new(LocationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LocationList) DeepCopyInto(out *LocationList) { *out = *in @@ -833,11 +1488,21 @@ func (in *LocationList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LocationObservation) DeepCopyInto(out *LocationObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.AnonymizedLogsEnabled != nil { in, out := &in.AnonymizedLogsEnabled, &out.AnonymizedLogsEnabled *out = new(bool) **out = **in } + if in.ClientDefault != nil { + in, out := &in.ClientDefault, &out.ClientDefault + *out = new(bool) + **out = **in + } if in.DohSubdomain != nil { in, out := &in.DohSubdomain, &out.DohSubdomain *out = new(string) @@ -858,6 +1523,11 @@ func (in *LocationObservation) DeepCopyInto(out *LocationObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Networks != nil { in, out := &in.Networks, &out.Networks *out = make([]NetworksObservation, len(*in)) @@ -940,6 +1610,7 @@ func (in *LocationSpec) DeepCopyInto(out *LocationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationSpec. @@ -969,9 +1640,48 @@ func (in *LocationStatus) DeepCopy() *LocationStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoggingInitParameters) DeepCopyInto(out *LoggingInitParameters) { + *out = *in + if in.RedactPii != nil { + in, out := &in.RedactPii, &out.RedactPii + *out = new(bool) + **out = **in + } + if in.SettingsByRuleType != nil { + in, out := &in.SettingsByRuleType, &out.SettingsByRuleType + *out = make([]SettingsByRuleTypeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggingInitParameters. +func (in *LoggingInitParameters) DeepCopy() *LoggingInitParameters { + if in == nil { + return nil + } + out := new(LoggingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LoggingObservation) DeepCopyInto(out *LoggingObservation) { *out = *in + if in.RedactPii != nil { + in, out := &in.RedactPii, &out.RedactPii + *out = new(bool) + **out = **in + } + if in.SettingsByRuleType != nil { + in, out := &in.SettingsByRuleType, &out.SettingsByRuleType + *out = make([]SettingsByRuleTypeObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggingObservation. @@ -1011,6 +1721,26 @@ func (in *LoggingParameters) DeepCopy() *LoggingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworksInitParameters) DeepCopyInto(out *NetworksInitParameters) { + *out = *in + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworksInitParameters. +func (in *NetworksInitParameters) DeepCopy() *NetworksInitParameters { + if in == nil { + return nil + } + out := new(NetworksInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworksObservation) DeepCopyInto(out *NetworksObservation) { *out = *in @@ -1019,6 +1749,11 @@ func (in *NetworksObservation) DeepCopyInto(out *NetworksObservation) { *out = new(string) **out = **in } + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworksObservation. @@ -1078,6 +1813,52 @@ func (in *ProxyEndpoint) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProxyEndpointInitParameters) DeepCopyInto(out *ProxyEndpointInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Ips != nil { + in, out := &in.Ips, &out.Ips + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyEndpointInitParameters. +func (in *ProxyEndpointInitParameters) DeepCopy() *ProxyEndpointInitParameters { + if in == nil { + return nil + } + out := new(ProxyEndpointInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProxyEndpointList) DeepCopyInto(out *ProxyEndpointList) { *out = *in @@ -1113,11 +1894,32 @@ func (in *ProxyEndpointList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProxyEndpointObservation) DeepCopyInto(out *ProxyEndpointObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Ips != nil { + in, out := &in.Ips, &out.Ips + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Subdomain != nil { in, out := &in.Subdomain, &out.Subdomain *out = new(string) @@ -1186,6 +1988,7 @@ func (in *ProxyEndpointSpec) DeepCopyInto(out *ProxyEndpointSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyEndpointSpec. @@ -1215,9 +2018,44 @@ func (in *ProxyEndpointStatus) DeepCopy() *ProxyEndpointStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProxyInitParameters) DeepCopyInto(out *ProxyInitParameters) { + *out = *in + if in.TCP != nil { + in, out := &in.TCP, &out.TCP + *out = new(bool) + **out = **in + } + if in.UDP != nil { + in, out := &in.UDP, &out.UDP + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyInitParameters. +func (in *ProxyInitParameters) DeepCopy() *ProxyInitParameters { + if in == nil { + return nil + } + out := new(ProxyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProxyObservation) DeepCopyInto(out *ProxyObservation) { *out = *in + if in.TCP != nil { + in, out := &in.TCP, &out.TCP + *out = new(bool) + **out = **in + } + if in.UDP != nil { + in, out := &in.UDP, &out.UDP + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyObservation. @@ -1269,19 +2107,107 @@ func (in *Rule) DeepCopy() *Rule { if in == nil { return nil } - out := new(Rule) + out := new(Rule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Rule) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Identity != nil { + in, out := &in.Identity, &out.Identity + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in + } + if in.RuleSettings != nil { + in, out := &in.RuleSettings, &out.RuleSettings + *out = make([]RuleSettingsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Traffic != nil { + in, out := &in.Traffic, &out.Traffic + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rule) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -1317,11 +2243,74 @@ func (in *RuleList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DevicePosture != nil { + in, out := &in.DevicePosture, &out.DevicePosture + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Identity != nil { + in, out := &in.Identity, &out.Identity + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in + } + if in.RuleSettings != nil { + in, out := &in.RuleSettings, &out.RuleSettings + *out = make([]RuleSettingsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Traffic != nil { + in, out := &in.Traffic, &out.Traffic + *out = new(string) + **out = **in + } if in.Version != nil { in, out := &in.Version, &out.Version *out = new(float64) @@ -1427,9 +2416,160 @@ func (in *RuleParameters) DeepCopy() *RuleParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleSettingsInitParameters) DeepCopyInto(out *RuleSettingsInitParameters) { + *out = *in + if in.AddHeaders != nil { + in, out := &in.AddHeaders, &out.AddHeaders + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.BisoAdminControls != nil { + in, out := &in.BisoAdminControls, &out.BisoAdminControls + *out = make([]BisoAdminControlsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BlockPageEnabled != nil { + in, out := &in.BlockPageEnabled, &out.BlockPageEnabled + *out = new(bool) + **out = **in + } + if in.BlockPageReason != nil { + in, out := &in.BlockPageReason, &out.BlockPageReason + *out = new(string) + **out = **in + } + if in.CheckSession != nil { + in, out := &in.CheckSession, &out.CheckSession + *out = make([]CheckSessionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InsecureDisableDNSSECValidation != nil { + in, out := &in.InsecureDisableDNSSECValidation, &out.InsecureDisableDNSSECValidation + *out = new(bool) + **out = **in + } + if in.L4Override != nil { + in, out := &in.L4Override, &out.L4Override + *out = make([]L4OverrideInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OverrideHost != nil { + in, out := &in.OverrideHost, &out.OverrideHost + *out = new(string) + **out = **in + } + if in.OverrideIps != nil { + in, out := &in.OverrideIps, &out.OverrideIps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSettingsInitParameters. +func (in *RuleSettingsInitParameters) DeepCopy() *RuleSettingsInitParameters { + if in == nil { + return nil + } + out := new(RuleSettingsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleSettingsObservation) DeepCopyInto(out *RuleSettingsObservation) { *out = *in + if in.AddHeaders != nil { + in, out := &in.AddHeaders, &out.AddHeaders + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.BisoAdminControls != nil { + in, out := &in.BisoAdminControls, &out.BisoAdminControls + *out = make([]BisoAdminControlsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BlockPageEnabled != nil { + in, out := &in.BlockPageEnabled, &out.BlockPageEnabled + *out = new(bool) + **out = **in + } + if in.BlockPageReason != nil { + in, out := &in.BlockPageReason, &out.BlockPageReason + *out = new(string) + **out = **in + } + if in.CheckSession != nil { + in, out := &in.CheckSession, &out.CheckSession + *out = make([]CheckSessionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InsecureDisableDNSSECValidation != nil { + in, out := &in.InsecureDisableDNSSECValidation, &out.InsecureDisableDNSSECValidation + *out = new(bool) + **out = **in + } + if in.L4Override != nil { + in, out := &in.L4Override, &out.L4Override + *out = make([]L4OverrideObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OverrideHost != nil { + in, out := &in.OverrideHost, &out.OverrideHost + *out = new(string) + **out = **in + } + if in.OverrideIps != nil { + in, out := &in.OverrideIps, &out.OverrideIps + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSettingsObservation. @@ -1453,7 +2593,8 @@ func (in *RuleSettingsParameters) DeepCopyInto(out *RuleSettingsParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -1529,6 +2670,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. @@ -1558,9 +2700,66 @@ func (in *RuleStatus) DeepCopy() *RuleStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SettingsByRuleTypeInitParameters) DeepCopyInto(out *SettingsByRuleTypeInitParameters) { + *out = *in + if in.DNS != nil { + in, out := &in.DNS, &out.DNS + *out = make([]DNSInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = make([]HTTPInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.L4 != nil { + in, out := &in.L4, &out.L4 + *out = make([]L4InitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsByRuleTypeInitParameters. +func (in *SettingsByRuleTypeInitParameters) DeepCopy() *SettingsByRuleTypeInitParameters { + if in == nil { + return nil + } + out := new(SettingsByRuleTypeInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SettingsByRuleTypeObservation) DeepCopyInto(out *SettingsByRuleTypeObservation) { *out = *in + if in.DNS != nil { + in, out := &in.DNS, &out.DNS + *out = make([]DNSObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = make([]HTTPObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.L4 != nil { + in, out := &in.L4, &out.L4 + *out = make([]L4Observation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsByRuleTypeObservation. diff --git a/apis/teams/v1alpha1/zz_generated.managed.go b/apis/teams/v1alpha1/zz_generated.managed.go index eef5e08..fe00d1d 100644 --- a/apis/teams/v1alpha1/zz_generated.managed.go +++ b/apis/teams/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Account) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Account. +func (mg *Account) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Account. func (mg *Account) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Account. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Account) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Account. func (mg *Account) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Account) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Account. +func (mg *Account) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Account. func (mg *Account) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Account. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Account) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Account. func (mg *Account) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *List) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this List. +func (mg *List) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this List. func (mg *List) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this List. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *List) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this List. func (mg *List) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *List) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this List. +func (mg *List) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this List. func (mg *List) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this List. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *List) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this List. func (mg *List) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Location) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Location. +func (mg *Location) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Location. func (mg *Location) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Location. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Location) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Location. func (mg *Location) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Location) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Location. +func (mg *Location) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Location. func (mg *Location) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Location. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Location) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Location. func (mg *Location) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *ProxyEndpoint) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this ProxyEndpoint. +func (mg *ProxyEndpoint) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this ProxyEndpoint. func (mg *ProxyEndpoint) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this ProxyEndpoint. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *ProxyEndpoint) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this ProxyEndpoint. func (mg *ProxyEndpoint) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *ProxyEndpoint) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this ProxyEndpoint. +func (mg *ProxyEndpoint) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this ProxyEndpoint. func (mg *ProxyEndpoint) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this ProxyEndpoint. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *ProxyEndpoint) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this ProxyEndpoint. func (mg *ProxyEndpoint) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/teams/v1alpha1/zz_generated.resolvers.go b/apis/teams/v1alpha1/zz_generated.resolvers.go index 4c8b9d7..f109705 100644 --- a/apis/teams/v1alpha1/zz_generated.resolvers.go +++ b/apis/teams/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *Account) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -62,6 +78,22 @@ func (mg *List) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -88,6 +120,22 @@ func (mg *Location) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -114,6 +162,22 @@ func (mg *ProxyEndpoint) ResolveReferences(ctx context.Context, c client.Reader) mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -140,5 +204,21 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/teams/v1alpha1/zz_generated_terraformed.go b/apis/teams/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index cb77119..0000000 --- a/apis/teams/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,384 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Account -func (mg *Account) GetTerraformResourceType() string { - return "cloudflare_teams_account" -} - -// GetConnectionDetailsMapping for this Account -func (tr *Account) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Account -func (tr *Account) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Account -func (tr *Account) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Account -func (tr *Account) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Account -func (tr *Account) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Account -func (tr *Account) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Account using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Account) LateInitialize(attrs []byte) (bool, error) { - params := &AccountParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Account) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this List -func (mg *List) GetTerraformResourceType() string { - return "cloudflare_teams_list" -} - -// GetConnectionDetailsMapping for this List -func (tr *List) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this List -func (tr *List) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this List -func (tr *List) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this List -func (tr *List) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this List -func (tr *List) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this List -func (tr *List) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this List using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *List) LateInitialize(attrs []byte) (bool, error) { - params := &ListParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *List) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Location -func (mg *Location) GetTerraformResourceType() string { - return "cloudflare_teams_location" -} - -// GetConnectionDetailsMapping for this Location -func (tr *Location) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Location -func (tr *Location) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Location -func (tr *Location) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Location -func (tr *Location) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Location -func (tr *Location) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Location -func (tr *Location) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Location using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Location) LateInitialize(attrs []byte) (bool, error) { - params := &LocationParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Location) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this ProxyEndpoint -func (mg *ProxyEndpoint) GetTerraformResourceType() string { - return "cloudflare_teams_proxy_endpoint" -} - -// GetConnectionDetailsMapping for this ProxyEndpoint -func (tr *ProxyEndpoint) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this ProxyEndpoint -func (tr *ProxyEndpoint) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this ProxyEndpoint -func (tr *ProxyEndpoint) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this ProxyEndpoint -func (tr *ProxyEndpoint) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this ProxyEndpoint -func (tr *ProxyEndpoint) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this ProxyEndpoint -func (tr *ProxyEndpoint) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this ProxyEndpoint using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *ProxyEndpoint) LateInitialize(attrs []byte) (bool, error) { - params := &ProxyEndpointParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *ProxyEndpoint) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Rule -func (mg *Rule) GetTerraformResourceType() string { - return "cloudflare_teams_rule" -} - -// GetConnectionDetailsMapping for this Rule -func (tr *Rule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Rule -func (tr *Rule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Rule -func (tr *Rule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Rule -func (tr *Rule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Rule -func (tr *Rule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Rule -func (tr *Rule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Rule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { - params := &RuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Rule) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/teams/v1alpha1/zz_groupversion_info.go b/apis/teams/v1alpha1/zz_groupversion_info.go index c2a2ed5..b332bba 100755 --- a/apis/teams/v1alpha1/zz_groupversion_info.go +++ b/apis/teams/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/teams/v1alpha1/zz_list_terraformed.go b/apis/teams/v1alpha1/zz_list_terraformed.go new file mode 100755 index 0000000..2d494c5 --- /dev/null +++ b/apis/teams/v1alpha1/zz_list_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this List +func (mg *List) GetTerraformResourceType() string { + return "cloudflare_teams_list" +} + +// GetConnectionDetailsMapping for this List +func (tr *List) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this List +func (tr *List) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this List +func (tr *List) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this List +func (tr *List) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this List +func (tr *List) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this List +func (tr *List) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this List +func (tr *List) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this List +func (tr *List) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this List using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *List) LateInitialize(attrs []byte) (bool, error) { + params := &ListParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *List) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/teams/v1alpha1/zz_list_types.go b/apis/teams/v1alpha1/zz_list_types.go index 7baf17c..4f2f259 100755 --- a/apis/teams/v1alpha1/zz_list_types.go +++ b/apis/teams/v1alpha1/zz_list_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ListInitParameters struct { + + // The account to which the teams list should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The description of the teams list. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The items of the teams list. + // +listType=set + Items []*string `json:"items,omitempty" tf:"items,omitempty"` + + // Name of the teams list. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The teams list type. Valid values are IP, SERIAL, URL, DOMAIN, and EMAIL. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type ListObservation struct { + + // The account to which the teams list should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // The description of the teams list. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // ID of the teams list. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The items of the teams list. + // +listType=set + Items []*string `json:"items,omitempty" tf:"items,omitempty"` + + // Name of the teams list. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The teams list type. Valid values are IP, SERIAL, URL, DOMAIN, and EMAIL. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type ListParameters struct { + // The account to which the teams list should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,23 +85,39 @@ type ListParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // The description of the teams list. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // The items of the teams list. // +kubebuilder:validation:Optional + // +listType=set Items []*string `json:"items,omitempty" tf:"items,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // Name of the teams list. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // The teams list type. Valid values are IP, SERIAL, URL, DOMAIN, and EMAIL. + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` } // ListSpec defines the desired state of List type ListSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ListParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ListInitParameters `json:"initProvider,omitempty"` } // ListStatus defines the observed state of List. @@ -58,19 +127,22 @@ type ListStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// List is the Schema for the Lists API. +// List is the Schema for the Lists API. Provides a Cloudflare Teams List resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type List struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ListSpec `json:"spec"` - Status ListStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec ListSpec `json:"spec"` + Status ListStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/teams/v1alpha1/zz_location_terraformed.go b/apis/teams/v1alpha1/zz_location_terraformed.go new file mode 100755 index 0000000..d44a3cf --- /dev/null +++ b/apis/teams/v1alpha1/zz_location_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Location +func (mg *Location) GetTerraformResourceType() string { + return "cloudflare_teams_location" +} + +// GetConnectionDetailsMapping for this Location +func (tr *Location) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Location +func (tr *Location) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Location +func (tr *Location) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Location +func (tr *Location) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Location +func (tr *Location) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Location +func (tr *Location) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Location +func (tr *Location) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Location +func (tr *Location) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Location using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Location) LateInitialize(attrs []byte) (bool, error) { + params := &LocationParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Location) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/teams/v1alpha1/zz_location_types.go b/apis/teams/v1alpha1/zz_location_types.go index cbba761..9f951db 100755 --- a/apis/teams/v1alpha1/zz_location_types.go +++ b/apis/teams/v1alpha1/zz_location_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,18 +17,59 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type LocationInitParameters struct { + + // The account to which the teams location should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // Indicator that this is the default location. + ClientDefault *bool `json:"clientDefault,omitempty" tf:"client_default,omitempty"` + + // Name of the teams location. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The networks CIDRs that comprise the location. + Networks []NetworksInitParameters `json:"networks,omitempty" tf:"networks,omitempty"` +} + type LocationObservation struct { + + // The account to which the teams location should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Indicator that anonymized logs are enabled. AnonymizedLogsEnabled *bool `json:"anonymizedLogsEnabled,omitempty" tf:"anonymized_logs_enabled,omitempty"` + // Indicator that this is the default location. + ClientDefault *bool `json:"clientDefault,omitempty" tf:"client_default,omitempty"` + + // The FQDN that DoH clients should be pointed at. DohSubdomain *string `json:"dohSubdomain,omitempty" tf:"doh_subdomain,omitempty"` + // ID of the teams location. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // Client IP address IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + // IP to direct all IPv4 DNS queries too. IPv4Destination *string `json:"ipv4Destination,omitempty" tf:"ipv4_destination,omitempty"` - // +kubebuilder:validation:Optional + // Name of the teams location. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The networks CIDRs that comprise the location. Networks []NetworksObservation `json:"networks,omitempty" tf:"networks,omitempty"` PolicyIds []*string `json:"policyIds,omitempty" tf:"policy_ids,omitempty"` @@ -32,6 +77,7 @@ type LocationObservation struct { type LocationParameters struct { + // The account to which the teams location should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -45,23 +91,34 @@ type LocationParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // Indicator that this is the default location. // +kubebuilder:validation:Optional ClientDefault *bool `json:"clientDefault,omitempty" tf:"client_default,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // Name of the teams location. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // The networks CIDRs that comprise the location. // +kubebuilder:validation:Optional Networks []NetworksParameters `json:"networks,omitempty" tf:"networks,omitempty"` } +type NetworksInitParameters struct { + Network *string `json:"network,omitempty" tf:"network,omitempty"` +} + type NetworksObservation struct { + + // ID of the teams location. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Network *string `json:"network,omitempty" tf:"network,omitempty"` } type NetworksParameters struct { - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Network *string `json:"network" tf:"network,omitempty"` } @@ -69,6 +126,17 @@ type NetworksParameters struct { type LocationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider LocationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider LocationInitParameters `json:"initProvider,omitempty"` } // LocationStatus defines the observed state of Location. @@ -78,19 +146,21 @@ type LocationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Location is the Schema for the Locations API. +// Location is the Schema for the Locations API. Provides a Cloudflare Teams Location resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Location struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec LocationSpec `json:"spec"` - Status LocationStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec LocationSpec `json:"spec"` + Status LocationStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/teams/v1alpha1/zz_proxyendpoint_terraformed.go b/apis/teams/v1alpha1/zz_proxyendpoint_terraformed.go new file mode 100755 index 0000000..c06f560 --- /dev/null +++ b/apis/teams/v1alpha1/zz_proxyendpoint_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this ProxyEndpoint +func (mg *ProxyEndpoint) GetTerraformResourceType() string { + return "cloudflare_teams_proxy_endpoint" +} + +// GetConnectionDetailsMapping for this ProxyEndpoint +func (tr *ProxyEndpoint) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this ProxyEndpoint +func (tr *ProxyEndpoint) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this ProxyEndpoint +func (tr *ProxyEndpoint) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this ProxyEndpoint +func (tr *ProxyEndpoint) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this ProxyEndpoint +func (tr *ProxyEndpoint) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this ProxyEndpoint +func (tr *ProxyEndpoint) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this ProxyEndpoint +func (tr *ProxyEndpoint) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this ProxyEndpoint +func (tr *ProxyEndpoint) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this ProxyEndpoint using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *ProxyEndpoint) LateInitialize(attrs []byte) (bool, error) { + params := &ProxyEndpointParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *ProxyEndpoint) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/teams/v1alpha1/zz_proxyendpoint_types.go b/apis/teams/v1alpha1/zz_proxyendpoint_types.go index b23331b..4808bcb 100755 --- a/apis/teams/v1alpha1/zz_proxyendpoint_types.go +++ b/apis/teams/v1alpha1/zz_proxyendpoint_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,14 +17,52 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ProxyEndpointInitParameters struct { + + // The account to which the teams proxy endpoint should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The networks CIDRs that will be allowed to initiate proxy connections. + // +listType=set + Ips []*string `json:"ips,omitempty" tf:"ips,omitempty"` + + // Name of the teams proxy endpoint. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type ProxyEndpointObservation struct { + + // The account to which the teams proxy endpoint should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // ID of the teams proxy endpoint. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // The networks CIDRs that will be allowed to initiate proxy connections. + // +listType=set + Ips []*string `json:"ips,omitempty" tf:"ips,omitempty"` + + // Name of the teams proxy endpoint. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The FQDN that proxy clients should be pointed at. Subdomain *string `json:"subdomain,omitempty" tf:"subdomain,omitempty"` } type ProxyEndpointParameters struct { + // The account to which the teams proxy endpoint should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -34,17 +76,31 @@ type ProxyEndpointParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Ips []*string `json:"ips" tf:"ips,omitempty"` + // The networks CIDRs that will be allowed to initiate proxy connections. + // +kubebuilder:validation:Optional + // +listType=set + Ips []*string `json:"ips,omitempty" tf:"ips,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // Name of the teams proxy endpoint. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` } // ProxyEndpointSpec defines the desired state of ProxyEndpoint type ProxyEndpointSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ProxyEndpointParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ProxyEndpointInitParameters `json:"initProvider,omitempty"` } // ProxyEndpointStatus defines the observed state of ProxyEndpoint. @@ -54,19 +110,22 @@ type ProxyEndpointStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// ProxyEndpoint is the Schema for the ProxyEndpoints API. +// ProxyEndpoint is the Schema for the ProxyEndpoints API. Provides a Cloudflare Teams Proxy Endpoint resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type ProxyEndpoint struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ProxyEndpointSpec `json:"spec"` - Status ProxyEndpointStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.ips) || (has(self.initProvider) && has(self.initProvider.ips))",message="spec.forProvider.ips is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec ProxyEndpointSpec `json:"spec"` + Status ProxyEndpointStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/teams/v1alpha1/zz_rule_terraformed.go b/apis/teams/v1alpha1/zz_rule_terraformed.go new file mode 100755 index 0000000..04cd9c4 --- /dev/null +++ b/apis/teams/v1alpha1/zz_rule_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Rule +func (mg *Rule) GetTerraformResourceType() string { + return "cloudflare_teams_rule" +} + +// GetConnectionDetailsMapping for this Rule +func (tr *Rule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Rule +func (tr *Rule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Rule +func (tr *Rule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Rule +func (tr *Rule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Rule +func (tr *Rule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Rule +func (tr *Rule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Rule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { + params := &RuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Rule) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/teams/v1alpha1/zz_rule_types.go b/apis/teams/v1alpha1/zz_rule_types.go index 6f53e9c..32720e7 100755 --- a/apis/teams/v1alpha1/zz_rule_types.go +++ b/apis/teams/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,59 +17,213 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type BisoAdminControlsInitParameters struct { + + // (Boolean) Disable copy-paste. + DisableCopyPaste *bool `json:"disableCopyPaste,omitempty" tf:"disable_copy_paste,omitempty"` + + // (Boolean) Disable download. + DisableDownload *bool `json:"disableDownload,omitempty" tf:"disable_download,omitempty"` + + // (Boolean) Disable keyboard usage. + DisableKeyboard *bool `json:"disableKeyboard,omitempty" tf:"disable_keyboard,omitempty"` + + // (Boolean) Disable printing. + DisablePrinting *bool `json:"disablePrinting,omitempty" tf:"disable_printing,omitempty"` + + // (Boolean) Disable upload. + DisableUpload *bool `json:"disableUpload,omitempty" tf:"disable_upload,omitempty"` +} + type BisoAdminControlsObservation struct { + + // (Boolean) Disable copy-paste. + DisableCopyPaste *bool `json:"disableCopyPaste,omitempty" tf:"disable_copy_paste,omitempty"` + + // (Boolean) Disable download. + DisableDownload *bool `json:"disableDownload,omitempty" tf:"disable_download,omitempty"` + + // (Boolean) Disable keyboard usage. + DisableKeyboard *bool `json:"disableKeyboard,omitempty" tf:"disable_keyboard,omitempty"` + + // (Boolean) Disable printing. + DisablePrinting *bool `json:"disablePrinting,omitempty" tf:"disable_printing,omitempty"` + + // (Boolean) Disable upload. + DisableUpload *bool `json:"disableUpload,omitempty" tf:"disable_upload,omitempty"` } type BisoAdminControlsParameters struct { + // (Boolean) Disable copy-paste. // +kubebuilder:validation:Optional DisableCopyPaste *bool `json:"disableCopyPaste,omitempty" tf:"disable_copy_paste,omitempty"` + // (Boolean) Disable download. // +kubebuilder:validation:Optional DisableDownload *bool `json:"disableDownload,omitempty" tf:"disable_download,omitempty"` + // (Boolean) Disable keyboard usage. // +kubebuilder:validation:Optional DisableKeyboard *bool `json:"disableKeyboard,omitempty" tf:"disable_keyboard,omitempty"` + // (Boolean) Disable printing. // +kubebuilder:validation:Optional DisablePrinting *bool `json:"disablePrinting,omitempty" tf:"disable_printing,omitempty"` + // (Boolean) Disable upload. // +kubebuilder:validation:Optional DisableUpload *bool `json:"disableUpload,omitempty" tf:"disable_upload,omitempty"` } +type CheckSessionInitParameters struct { + + // Configure how fresh the session needs to be to be considered valid. + Duration *string `json:"duration,omitempty" tf:"duration,omitempty"` + + // Enable session enforcement for this rule. + Enforce *bool `json:"enforce,omitempty" tf:"enforce,omitempty"` +} + type CheckSessionObservation struct { + + // Configure how fresh the session needs to be to be considered valid. + Duration *string `json:"duration,omitempty" tf:"duration,omitempty"` + + // Enable session enforcement for this rule. + Enforce *bool `json:"enforce,omitempty" tf:"enforce,omitempty"` } type CheckSessionParameters struct { - // +kubebuilder:validation:Required + // Configure how fresh the session needs to be to be considered valid. + // +kubebuilder:validation:Optional Duration *string `json:"duration" tf:"duration,omitempty"` - // +kubebuilder:validation:Required + // Enable session enforcement for this rule. + // +kubebuilder:validation:Optional Enforce *bool `json:"enforce" tf:"enforce,omitempty"` } +type L4OverrideInitParameters struct { + + // Override IP to forward traffic to. + IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + + // Override Port to forward traffic to. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` +} + type L4OverrideObservation struct { + + // Override IP to forward traffic to. + IP *string `json:"ip,omitempty" tf:"ip,omitempty"` + + // Override Port to forward traffic to. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` } type L4OverrideParameters struct { - // +kubebuilder:validation:Required + // Override IP to forward traffic to. + // +kubebuilder:validation:Optional IP *string `json:"ip" tf:"ip,omitempty"` - // +kubebuilder:validation:Required + // Override Port to forward traffic to. + // +kubebuilder:validation:Optional Port *float64 `json:"port" tf:"port,omitempty"` } +type RuleInitParameters struct { + + // The account to which the teams rule should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The action executed by matched teams rule. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // The description of the teams rule. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The wirefilter expression to be used for device_posture check matching. + DevicePosture *string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // Indicator of rule enablement. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The protocol or layer to evaluate the traffic and identity expressions. + Filters []*string `json:"filters,omitempty" tf:"filters,omitempty"` + + // The wirefilter expression to be used for identity matching. + Identity *string `json:"identity,omitempty" tf:"identity,omitempty"` + + // The name of the teams rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The evaluation precedence of the teams rule. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // Additional rule settings (refer to the nested schema). + RuleSettings []RuleSettingsInitParameters `json:"ruleSettings,omitempty" tf:"rule_settings,omitempty"` + + // The wirefilter expression to be used for traffic matching. + Traffic *string `json:"traffic,omitempty" tf:"traffic,omitempty"` +} + type RuleObservation struct { + + // The account to which the teams rule should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // The action executed by matched teams rule. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // The description of the teams rule. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The wirefilter expression to be used for device_posture check matching. + DevicePosture *string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + + // Indicator of rule enablement. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The protocol or layer to evaluate the traffic and identity expressions. + Filters []*string `json:"filters,omitempty" tf:"filters,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + // The wirefilter expression to be used for identity matching. + Identity *string `json:"identity,omitempty" tf:"identity,omitempty"` + + // The name of the teams rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The evaluation precedence of the teams rule. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // Additional rule settings (refer to the nested schema). + RuleSettings []RuleSettingsObservation `json:"ruleSettings,omitempty" tf:"rule_settings,omitempty"` + + // The wirefilter expression to be used for traffic matching. + Traffic *string `json:"traffic,omitempty" tf:"traffic,omitempty"` + Version *float64 `json:"version,omitempty" tf:"version,omitempty"` } type RuleParameters struct { + // The account to which the teams rule should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -79,66 +237,145 @@ type RuleParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Action *string `json:"action" tf:"action,omitempty"` + // The action executed by matched teams rule. + // +kubebuilder:validation:Optional + Action *string `json:"action,omitempty" tf:"action,omitempty"` - // +kubebuilder:validation:Required - Description *string `json:"description" tf:"description,omitempty"` + // The description of the teams rule. + // +kubebuilder:validation:Optional + Description *string `json:"description,omitempty" tf:"description,omitempty"` + // The wirefilter expression to be used for device_posture check matching. // +kubebuilder:validation:Optional DevicePosture *string `json:"devicePosture,omitempty" tf:"device_posture,omitempty"` + // Indicator of rule enablement. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // The protocol or layer to evaluate the traffic and identity expressions. // +kubebuilder:validation:Optional Filters []*string `json:"filters,omitempty" tf:"filters,omitempty"` + // The wirefilter expression to be used for identity matching. // +kubebuilder:validation:Optional Identity *string `json:"identity,omitempty" tf:"identity,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // The name of the teams rule. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` - // +kubebuilder:validation:Required - Precedence *float64 `json:"precedence" tf:"precedence,omitempty"` + // The evaluation precedence of the teams rule. + // +kubebuilder:validation:Optional + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + // Additional rule settings (refer to the nested schema). // +kubebuilder:validation:Optional RuleSettings []RuleSettingsParameters `json:"ruleSettings,omitempty" tf:"rule_settings,omitempty"` + // The wirefilter expression to be used for traffic matching. // +kubebuilder:validation:Optional Traffic *string `json:"traffic,omitempty" tf:"traffic,omitempty"` } +type RuleSettingsInitParameters struct { + + // Add custom headers to allowed requests in the form of key-value pairs. + // +mapType=granular + AddHeaders map[string]*string `json:"addHeaders,omitempty" tf:"add_headers,omitempty"` + + // Configure how browser isolation behaves (refer to the nested schema). + BisoAdminControls []BisoAdminControlsInitParameters `json:"bisoAdminControls,omitempty" tf:"biso_admin_controls,omitempty"` + + // Indicator of block page enablement. + BlockPageEnabled *bool `json:"blockPageEnabled,omitempty" tf:"block_page_enabled,omitempty"` + + // The displayed reason for a user being blocked. + BlockPageReason *string `json:"blockPageReason,omitempty" tf:"block_page_reason,omitempty"` + + // Configure how session check behaves (refer to the nested schema). + CheckSession []CheckSessionInitParameters `json:"checkSession,omitempty" tf:"check_session,omitempty"` + + // Disable DNSSEC validation (must be Allow rule) + InsecureDisableDNSSECValidation *bool `json:"insecureDisableDnssecValidation,omitempty" tf:"insecure_disable_dnssec_validation,omitempty"` + + // Settings to forward layer 4 traffic (refer to the nested schema). + L4Override []L4OverrideInitParameters `json:"l4override,omitempty" tf:"l4override,omitempty"` + + // The host to override matching DNS queries with. + OverrideHost *string `json:"overrideHost,omitempty" tf:"override_host,omitempty"` + + // The IPs to override matching DNS queries with. + OverrideIps []*string `json:"overrideIps,omitempty" tf:"override_ips,omitempty"` +} + type RuleSettingsObservation struct { + + // Add custom headers to allowed requests in the form of key-value pairs. + // +mapType=granular + AddHeaders map[string]*string `json:"addHeaders,omitempty" tf:"add_headers,omitempty"` + + // Configure how browser isolation behaves (refer to the nested schema). + BisoAdminControls []BisoAdminControlsObservation `json:"bisoAdminControls,omitempty" tf:"biso_admin_controls,omitempty"` + + // Indicator of block page enablement. + BlockPageEnabled *bool `json:"blockPageEnabled,omitempty" tf:"block_page_enabled,omitempty"` + + // The displayed reason for a user being blocked. + BlockPageReason *string `json:"blockPageReason,omitempty" tf:"block_page_reason,omitempty"` + + // Configure how session check behaves (refer to the nested schema). + CheckSession []CheckSessionObservation `json:"checkSession,omitempty" tf:"check_session,omitempty"` + + // Disable DNSSEC validation (must be Allow rule) + InsecureDisableDNSSECValidation *bool `json:"insecureDisableDnssecValidation,omitempty" tf:"insecure_disable_dnssec_validation,omitempty"` + + // Settings to forward layer 4 traffic (refer to the nested schema). + L4Override []L4OverrideObservation `json:"l4override,omitempty" tf:"l4override,omitempty"` + + // The host to override matching DNS queries with. + OverrideHost *string `json:"overrideHost,omitempty" tf:"override_host,omitempty"` + + // The IPs to override matching DNS queries with. + OverrideIps []*string `json:"overrideIps,omitempty" tf:"override_ips,omitempty"` } type RuleSettingsParameters struct { + // Add custom headers to allowed requests in the form of key-value pairs. // +kubebuilder:validation:Optional + // +mapType=granular AddHeaders map[string]*string `json:"addHeaders,omitempty" tf:"add_headers,omitempty"` + // Configure how browser isolation behaves (refer to the nested schema). // +kubebuilder:validation:Optional BisoAdminControls []BisoAdminControlsParameters `json:"bisoAdminControls,omitempty" tf:"biso_admin_controls,omitempty"` + // Indicator of block page enablement. // +kubebuilder:validation:Optional BlockPageEnabled *bool `json:"blockPageEnabled,omitempty" tf:"block_page_enabled,omitempty"` + // The displayed reason for a user being blocked. // +kubebuilder:validation:Optional BlockPageReason *string `json:"blockPageReason,omitempty" tf:"block_page_reason,omitempty"` + // Configure how session check behaves (refer to the nested schema). // +kubebuilder:validation:Optional CheckSession []CheckSessionParameters `json:"checkSession,omitempty" tf:"check_session,omitempty"` + // Disable DNSSEC validation (must be Allow rule) // +kubebuilder:validation:Optional InsecureDisableDNSSECValidation *bool `json:"insecureDisableDnssecValidation,omitempty" tf:"insecure_disable_dnssec_validation,omitempty"` + // Settings to forward layer 4 traffic (refer to the nested schema). // +kubebuilder:validation:Optional L4Override []L4OverrideParameters `json:"l4override,omitempty" tf:"l4override,omitempty"` + // The host to override matching DNS queries with. // +kubebuilder:validation:Optional OverrideHost *string `json:"overrideHost,omitempty" tf:"override_host,omitempty"` + // The IPs to override matching DNS queries with. // +kubebuilder:validation:Optional OverrideIps []*string `json:"overrideIps,omitempty" tf:"override_ips,omitempty"` } @@ -147,6 +384,17 @@ type RuleSettingsParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -156,19 +404,24 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Provides a Cloudflare Teams rule resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.action) || (has(self.initProvider) && has(self.initProvider.action))",message="spec.forProvider.action is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.description) || (has(self.initProvider) && has(self.initProvider.description))",message="spec.forProvider.description is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.precedence) || (has(self.initProvider) && has(self.initProvider.precedence))",message="spec.forProvider.precedence is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index 9d284ba..86f2d29 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index ae71405..09df2c1 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go +++ b/apis/v1beta1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. diff --git a/apis/waf/v1alpha1/zz_generated.conversion_hubs.go b/apis/waf/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..e8b759a --- /dev/null +++ b/apis/waf/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,23 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Group) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Override) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *WAFPackage) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Rule) Hub() {} diff --git a/apis/waf/v1alpha1/zz_generated.deepcopy.go b/apis/waf/v1alpha1/zz_generated.deepcopy.go index 9dae8fa..6facbcd 100644 --- a/apis/waf/v1alpha1/zz_generated.deepcopy.go +++ b/apis/waf/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,51 @@ func (in *Group) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupInitParameters) DeepCopyInto(out *GroupInitParameters) { + *out = *in + if in.GroupID != nil { + in, out := &in.GroupID, &out.GroupID + *out = new(string) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupInitParameters. +func (in *GroupInitParameters) DeepCopy() *GroupInitParameters { + if in == nil { + return nil + } + out := new(GroupInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GroupList) DeepCopyInto(out *GroupList) { *out = *in @@ -76,11 +120,31 @@ func (in *GroupList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GroupObservation) DeepCopyInto(out *GroupObservation) { *out = *in + if in.GroupID != nil { + in, out := &in.GroupID, &out.GroupID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupObservation. @@ -143,6 +207,7 @@ func (in *GroupSpec) DeepCopyInto(out *GroupSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec. @@ -199,6 +264,110 @@ func (in *Override) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OverrideInitParameters) DeepCopyInto(out *OverrideInitParameters) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.RewriteAction != nil { + in, out := &in.RewriteAction, &out.RewriteAction + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Urls != nil { + in, out := &in.Urls, &out.Urls + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverrideInitParameters. +func (in *OverrideInitParameters) DeepCopy() *OverrideInitParameters { + if in == nil { + return nil + } + out := new(OverrideInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverrideList) DeepCopyInto(out *OverrideList) { *out = *in @@ -234,6 +403,27 @@ func (in *OverrideList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OverrideObservation) DeepCopyInto(out *OverrideObservation) { *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -244,6 +434,64 @@ func (in *OverrideObservation) DeepCopyInto(out *OverrideObservation) { *out = new(string) **out = **in } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(float64) + **out = **in + } + if in.RewriteAction != nil { + in, out := &in.RewriteAction, &out.RewriteAction + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.Urls != nil { + in, out := &in.Urls, &out.Urls + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverrideObservation. @@ -272,7 +520,8 @@ func (in *OverrideParameters) DeepCopyInto(out *OverrideParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -297,7 +546,8 @@ func (in *OverrideParameters) DeepCopyInto(out *OverrideParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -312,7 +562,8 @@ func (in *OverrideParameters) DeepCopyInto(out *OverrideParameters) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(string) **out = **in } @@ -362,6 +613,7 @@ func (in *OverrideSpec) DeepCopyInto(out *OverrideSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OverrideSpec. @@ -418,6 +670,51 @@ func (in *Rule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuleInitParameters) DeepCopyInto(out *RuleInitParameters) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.RuleID != nil { + in, out := &in.RuleID, &out.RuleID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleInitParameters. +func (in *RuleInitParameters) DeepCopy() *RuleInitParameters { + if in == nil { + return nil + } + out := new(RuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleList) DeepCopyInto(out *RuleList) { *out = *in @@ -463,6 +760,26 @@ func (in *RuleObservation) DeepCopyInto(out *RuleObservation) { *out = new(string) **out = **in } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.RuleID != nil { + in, out := &in.RuleID, &out.RuleID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleObservation. @@ -525,6 +842,7 @@ func (in *RuleSpec) DeepCopyInto(out *RuleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec. @@ -581,6 +899,51 @@ func (in *WAFPackage) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WAFPackageInitParameters) DeepCopyInto(out *WAFPackageInitParameters) { + *out = *in + if in.ActionMode != nil { + in, out := &in.ActionMode, &out.ActionMode + *out = new(string) + **out = **in + } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.Sensitivity != nil { + in, out := &in.Sensitivity, &out.Sensitivity + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WAFPackageInitParameters. +func (in *WAFPackageInitParameters) DeepCopy() *WAFPackageInitParameters { + if in == nil { + return nil + } + out := new(WAFPackageInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WAFPackageList) DeepCopyInto(out *WAFPackageList) { *out = *in @@ -616,11 +979,31 @@ func (in *WAFPackageList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WAFPackageObservation) DeepCopyInto(out *WAFPackageObservation) { *out = *in + if in.ActionMode != nil { + in, out := &in.ActionMode, &out.ActionMode + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.PackageID != nil { + in, out := &in.PackageID, &out.PackageID + *out = new(string) + **out = **in + } + if in.Sensitivity != nil { + in, out := &in.Sensitivity, &out.Sensitivity + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WAFPackageObservation. @@ -683,6 +1066,7 @@ func (in *WAFPackageSpec) DeepCopyInto(out *WAFPackageSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WAFPackageSpec. diff --git a/apis/waf/v1alpha1/zz_generated.managed.go b/apis/waf/v1alpha1/zz_generated.managed.go index 0593eb2..ac39378 100644 --- a/apis/waf/v1alpha1/zz_generated.managed.go +++ b/apis/waf/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Group) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Group. +func (mg *Group) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Group. func (mg *Group) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Group. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Group) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Group. func (mg *Group) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Group) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Group. +func (mg *Group) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Group. func (mg *Group) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Group. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Group) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Group. func (mg *Group) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Override) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Override. +func (mg *Override) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Override. func (mg *Override) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Override. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Override) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Override. func (mg *Override) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Override) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Override. +func (mg *Override) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Override. func (mg *Override) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Override. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Override) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Override. func (mg *Override) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Rule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rule. +func (mg *Rule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rule. func (mg *Rule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rule. func (mg *Rule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Rule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rule. +func (mg *Rule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rule. func (mg *Rule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rule. func (mg *Rule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *WAFPackage) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this WAFPackage. +func (mg *WAFPackage) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this WAFPackage. func (mg *WAFPackage) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this WAFPackage. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *WAFPackage) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this WAFPackage. func (mg *WAFPackage) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *WAFPackage) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this WAFPackage. +func (mg *WAFPackage) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this WAFPackage. func (mg *WAFPackage) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this WAFPackage. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *WAFPackage) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this WAFPackage. func (mg *WAFPackage) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/waf/v1alpha1/zz_generated.resolvers.go b/apis/waf/v1alpha1/zz_generated.resolvers.go index f72c2e0..a9c10bd 100644 --- a/apis/waf/v1alpha1/zz_generated.resolvers.go +++ b/apis/waf/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *Group) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -62,6 +78,22 @@ func (mg *Override) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -88,6 +120,22 @@ func (mg *Rule) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -114,5 +162,21 @@ func (mg *WAFPackage) ResolveReferences(ctx context.Context, c client.Reader) er mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/waf/v1alpha1/zz_generated_terraformed.go b/apis/waf/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 7bcb645..0000000 --- a/apis/waf/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,310 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Group -func (mg *Group) GetTerraformResourceType() string { - return "cloudflare_waf_group" -} - -// GetConnectionDetailsMapping for this Group -func (tr *Group) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Group -func (tr *Group) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Group -func (tr *Group) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Group -func (tr *Group) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Group -func (tr *Group) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Group -func (tr *Group) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Group using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Group) LateInitialize(attrs []byte) (bool, error) { - params := &GroupParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Group) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Override -func (mg *Override) GetTerraformResourceType() string { - return "cloudflare_waf_override" -} - -// GetConnectionDetailsMapping for this Override -func (tr *Override) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Override -func (tr *Override) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Override -func (tr *Override) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Override -func (tr *Override) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Override -func (tr *Override) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Override -func (tr *Override) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Override using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Override) LateInitialize(attrs []byte) (bool, error) { - params := &OverrideParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Override) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this WAFPackage -func (mg *WAFPackage) GetTerraformResourceType() string { - return "cloudflare_waf_package" -} - -// GetConnectionDetailsMapping for this WAFPackage -func (tr *WAFPackage) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this WAFPackage -func (tr *WAFPackage) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this WAFPackage -func (tr *WAFPackage) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this WAFPackage -func (tr *WAFPackage) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this WAFPackage -func (tr *WAFPackage) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this WAFPackage -func (tr *WAFPackage) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this WAFPackage using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *WAFPackage) LateInitialize(attrs []byte) (bool, error) { - params := &WAFPackageParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *WAFPackage) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Rule -func (mg *Rule) GetTerraformResourceType() string { - return "cloudflare_waf_rule" -} - -// GetConnectionDetailsMapping for this Rule -func (tr *Rule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Rule -func (tr *Rule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Rule -func (tr *Rule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Rule -func (tr *Rule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Rule -func (tr *Rule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Rule -func (tr *Rule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Rule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { - params := &RuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Rule) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/waf/v1alpha1/zz_group_terraformed.go b/apis/waf/v1alpha1/zz_group_terraformed.go new file mode 100755 index 0000000..4db13e2 --- /dev/null +++ b/apis/waf/v1alpha1/zz_group_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Group +func (mg *Group) GetTerraformResourceType() string { + return "cloudflare_waf_group" +} + +// GetConnectionDetailsMapping for this Group +func (tr *Group) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Group +func (tr *Group) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Group +func (tr *Group) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Group +func (tr *Group) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Group +func (tr *Group) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Group +func (tr *Group) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Group +func (tr *Group) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Group +func (tr *Group) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Group using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Group) LateInitialize(attrs []byte) (bool, error) { + params := &GroupParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Group) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waf/v1alpha1/zz_group_types.go b/apis/waf/v1alpha1/zz_group_types.go index 08b3aac..42a5aa1 100755 --- a/apis/waf/v1alpha1/zz_group_types.go +++ b/apis/waf/v1alpha1/zz_group_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,23 +17,71 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type GroupInitParameters struct { + + // The WAF Rule Group ID. + // **Modifying this attribute will force creation of a new resource.** + GroupID *string `json:"groupId,omitempty" tf:"group_id,omitempty"` + + // The mode of the group, can be one of ["on", "off"]. + // Defaults to `on`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // The ID of the WAF Rule Package that contains the group. + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type GroupObservation struct { + + // The WAF Rule Group ID. + // **Modifying this attribute will force creation of a new resource.** + GroupID *string `json:"groupId,omitempty" tf:"group_id,omitempty"` + + // The WAF Rule Group ID, the same as group_id. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The mode of the group, can be one of ["on", "off"]. + // Defaults to `on`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // The ID of the WAF Rule Package that contains the group. + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type GroupParameters struct { + // The WAF Rule Group ID. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - GroupID *string `json:"groupId" tf:"group_id,omitempty"` + // +kubebuilder:validation:Optional + GroupID *string `json:"groupId,omitempty" tf:"group_id,omitempty"` + // The mode of the group, can be one of ["on", "off"]. // Defaults to `on`. // +kubebuilder:validation:Optional Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // The ID of the WAF Rule Package that contains the group. // +kubebuilder:validation:Optional PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + // The DNS zone ID to apply to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -48,6 +100,17 @@ type GroupParameters struct { type GroupSpec struct { v1.ResourceSpec `json:",inline"` ForProvider GroupParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider GroupInitParameters `json:"initProvider,omitempty"` } // GroupStatus defines the observed state of Group. @@ -57,19 +120,21 @@ type GroupStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Group is the Schema for the Groups API. +// Group is the Schema for the Groups API. Provides a Cloudflare WAF rule group resource for a particular zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Group struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec GroupSpec `json:"spec"` - Status GroupStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.groupId) || (has(self.initProvider) && has(self.initProvider.groupId))",message="spec.forProvider.groupId is a required parameter" + Spec GroupSpec `json:"spec"` + Status GroupStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waf/v1alpha1/zz_groupversion_info.go b/apis/waf/v1alpha1/zz_groupversion_info.go index 82ff574..42d69bb 100755 --- a/apis/waf/v1alpha1/zz_groupversion_info.go +++ b/apis/waf/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/waf/v1alpha1/zz_override_terraformed.go b/apis/waf/v1alpha1/zz_override_terraformed.go new file mode 100755 index 0000000..cbe6763 --- /dev/null +++ b/apis/waf/v1alpha1/zz_override_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Override +func (mg *Override) GetTerraformResourceType() string { + return "cloudflare_waf_override" +} + +// GetConnectionDetailsMapping for this Override +func (tr *Override) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Override +func (tr *Override) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Override +func (tr *Override) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Override +func (tr *Override) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Override +func (tr *Override) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Override +func (tr *Override) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Override +func (tr *Override) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Override +func (tr *Override) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Override using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Override) LateInitialize(attrs []byte) (bool, error) { + params := &OverrideParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Override) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waf/v1alpha1/zz_override_types.go b/apis/waf/v1alpha1/zz_override_types.go index b970e88..91c958d 100755 --- a/apis/waf/v1alpha1/zz_override_types.go +++ b/apis/waf/v1alpha1/zz_override_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,35 +17,115 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type OverrideInitParameters struct { + + // Description of what the WAF override does. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Similar to rules; which WAF groups you want to alter. + // +mapType=granular + Groups map[string]*string `json:"groups,omitempty" tf:"groups,omitempty"` + + // Whether this package is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // Relative priority of this configuration when multiple configurations match a single URL. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // When a WAF rule matches, substitute its configured action for a different action specified by this definition. + // +mapType=granular + RewriteAction map[string]*string `json:"rewriteAction,omitempty" tf:"rewrite_action,omitempty"` + + // A list of WAF rule ID to rule action you intend to apply. + // +mapType=granular + Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` + + // An array of URLs to apply the WAF override to. + Urls []*string `json:"urls,omitempty" tf:"urls,omitempty"` + + // The DNS zone to which the WAF override condition should be added. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type OverrideObservation struct { + + // Description of what the WAF override does. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Similar to rules; which WAF groups you want to alter. + // +mapType=granular + Groups map[string]*string `json:"groups,omitempty" tf:"groups,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` OverrideID *string `json:"overrideId,omitempty" tf:"override_id,omitempty"` + + // Whether this package is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // Relative priority of this configuration when multiple configurations match a single URL. + Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + + // When a WAF rule matches, substitute its configured action for a different action specified by this definition. + // +mapType=granular + RewriteAction map[string]*string `json:"rewriteAction,omitempty" tf:"rewrite_action,omitempty"` + + // A list of WAF rule ID to rule action you intend to apply. + // +mapType=granular + Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` + + // An array of URLs to apply the WAF override to. + Urls []*string `json:"urls,omitempty" tf:"urls,omitempty"` + + // The DNS zone to which the WAF override condition should be added. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type OverrideParameters struct { + // Description of what the WAF override does. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // Similar to rules; which WAF groups you want to alter. // +kubebuilder:validation:Optional + // +mapType=granular Groups map[string]*string `json:"groups,omitempty" tf:"groups,omitempty"` + // Whether this package is currently paused. // +kubebuilder:validation:Optional Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + // Relative priority of this configuration when multiple configurations match a single URL. // +kubebuilder:validation:Optional Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"` + // When a WAF rule matches, substitute its configured action for a different action specified by this definition. // +kubebuilder:validation:Optional + // +mapType=granular RewriteAction map[string]*string `json:"rewriteAction,omitempty" tf:"rewrite_action,omitempty"` + // A list of WAF rule ID to rule action you intend to apply. // +kubebuilder:validation:Optional + // +mapType=granular Rules map[string]*string `json:"rules,omitempty" tf:"rules,omitempty"` - // +kubebuilder:validation:Required - Urls []*string `json:"urls" tf:"urls,omitempty"` + // An array of URLs to apply the WAF override to. + // +kubebuilder:validation:Optional + Urls []*string `json:"urls,omitempty" tf:"urls,omitempty"` + // The DNS zone to which the WAF override condition should be added. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -60,6 +144,17 @@ type OverrideParameters struct { type OverrideSpec struct { v1.ResourceSpec `json:",inline"` ForProvider OverrideParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider OverrideInitParameters `json:"initProvider,omitempty"` } // OverrideStatus defines the observed state of Override. @@ -69,19 +164,21 @@ type OverrideStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Override is the Schema for the Overrides API. +// Override is the Schema for the Overrides API. Provides a Cloudflare WAF Override resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Override struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec OverrideSpec `json:"spec"` - Status OverrideStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.urls) || (has(self.initProvider) && has(self.initProvider.urls))",message="spec.forProvider.urls is a required parameter" + Spec OverrideSpec `json:"spec"` + Status OverrideStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waf/v1alpha1/zz_rule_terraformed.go b/apis/waf/v1alpha1/zz_rule_terraformed.go new file mode 100755 index 0000000..52e2ca7 --- /dev/null +++ b/apis/waf/v1alpha1/zz_rule_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Rule +func (mg *Rule) GetTerraformResourceType() string { + return "cloudflare_waf_rule" +} + +// GetConnectionDetailsMapping for this Rule +func (tr *Rule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Rule +func (tr *Rule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Rule +func (tr *Rule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Rule +func (tr *Rule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Rule +func (tr *Rule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Rule +func (tr *Rule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rule +func (tr *Rule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Rule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Rule) LateInitialize(attrs []byte) (bool, error) { + params := &RuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Rule) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waf/v1alpha1/zz_rule_types.go b/apis/waf/v1alpha1/zz_rule_types.go index 8ec9cb4..09b6fde 100755 --- a/apis/waf/v1alpha1/zz_rule_types.go +++ b/apis/waf/v1alpha1/zz_rule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,23 +17,68 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RuleInitParameters struct { + + // The mode of the rule, can be one of ["block", "challenge", "default", "disable", "simulate"] or ["on", "off"] depending on the WAF Rule type. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // The ID of the WAF Rule Package that contains the rule. + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The WAF Rule ID. + RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RuleObservation struct { + + // The ID of the WAF Rule Group that contains the rule. GroupID *string `json:"groupId,omitempty" tf:"group_id,omitempty"` + // The WAF Rule ID, the same as rule_id. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The mode of the rule, can be one of ["block", "challenge", "default", "disable", "simulate"] or ["on", "off"] depending on the WAF Rule type. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // The ID of the WAF Rule Package that contains the rule. + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The WAF Rule ID. + RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RuleParameters struct { - // +kubebuilder:validation:Required - Mode *string `json:"mode" tf:"mode,omitempty"` + // The mode of the rule, can be one of ["block", "challenge", "default", "disable", "simulate"] or ["on", "off"] depending on the WAF Rule type. + // +kubebuilder:validation:Optional + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // The ID of the WAF Rule Package that contains the rule. // +kubebuilder:validation:Optional PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` - // +kubebuilder:validation:Required - RuleID *string `json:"ruleId" tf:"rule_id,omitempty"` + // The WAF Rule ID. + // +kubebuilder:validation:Optional + RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"` + // The DNS zone ID to apply to. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -48,6 +97,17 @@ type RuleParameters struct { type RuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RuleInitParameters `json:"initProvider,omitempty"` } // RuleStatus defines the observed state of Rule. @@ -57,19 +117,22 @@ type RuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rule is the Schema for the Rules API. +// Rule is the Schema for the Rules API. Provides a Cloudflare WAF rule resource for a particular zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RuleSpec `json:"spec"` - Status RuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.mode) || (has(self.initProvider) && has(self.initProvider.mode))",message="spec.forProvider.mode is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.ruleId) || (has(self.initProvider) && has(self.initProvider.ruleId))",message="spec.forProvider.ruleId is a required parameter" + Spec RuleSpec `json:"spec"` + Status RuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waf/v1alpha1/zz_wafpackage_terraformed.go b/apis/waf/v1alpha1/zz_wafpackage_terraformed.go new file mode 100755 index 0000000..1627d42 --- /dev/null +++ b/apis/waf/v1alpha1/zz_wafpackage_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this WAFPackage +func (mg *WAFPackage) GetTerraformResourceType() string { + return "cloudflare_waf_package" +} + +// GetConnectionDetailsMapping for this WAFPackage +func (tr *WAFPackage) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this WAFPackage +func (tr *WAFPackage) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this WAFPackage +func (tr *WAFPackage) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this WAFPackage +func (tr *WAFPackage) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this WAFPackage +func (tr *WAFPackage) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this WAFPackage +func (tr *WAFPackage) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this WAFPackage +func (tr *WAFPackage) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this WAFPackage +func (tr *WAFPackage) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this WAFPackage using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *WAFPackage) LateInitialize(attrs []byte) (bool, error) { + params := &WAFPackageParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *WAFPackage) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waf/v1alpha1/zz_wafpackage_types.go b/apis/waf/v1alpha1/zz_wafpackage_types.go index c0af22b..e9dc786 100755 --- a/apis/waf/v1alpha1/zz_wafpackage_types.go +++ b/apis/waf/v1alpha1/zz_wafpackage_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,24 +17,74 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type WAFPackageInitParameters struct { + + // The action mode of the package, can be one of ["block", "challenge", "simulate"]. + // Defaults to `challenge`. + ActionMode *string `json:"actionMode,omitempty" tf:"action_mode,omitempty"` + + // The WAF Package ID. + // **Modifying this attribute will force creation of a new resource.** + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. + // Defaults to `high`. + Sensitivity *string `json:"sensitivity,omitempty" tf:"sensitivity,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type WAFPackageObservation struct { + + // The action mode of the package, can be one of ["block", "challenge", "simulate"]. + // Defaults to `challenge`. + ActionMode *string `json:"actionMode,omitempty" tf:"action_mode,omitempty"` + + // The WAF Package ID, the same as package_id. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The WAF Package ID. + // **Modifying this attribute will force creation of a new resource.** + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + + // The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. + // Defaults to `high`. + Sensitivity *string `json:"sensitivity,omitempty" tf:"sensitivity,omitempty"` + + // The DNS zone ID to apply to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type WAFPackageParameters struct { + // The action mode of the package, can be one of ["block", "challenge", "simulate"]. // Defaults to `challenge`. // +kubebuilder:validation:Optional ActionMode *string `json:"actionMode,omitempty" tf:"action_mode,omitempty"` + // The WAF Package ID. // **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - PackageID *string `json:"packageId" tf:"package_id,omitempty"` + // +kubebuilder:validation:Optional + PackageID *string `json:"packageId,omitempty" tf:"package_id,omitempty"` + // The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. // Defaults to `high`. // +kubebuilder:validation:Optional Sensitivity *string `json:"sensitivity,omitempty" tf:"sensitivity,omitempty"` + // The DNS zone ID to apply to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -49,6 +103,17 @@ type WAFPackageParameters struct { type WAFPackageSpec struct { v1.ResourceSpec `json:",inline"` ForProvider WAFPackageParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider WAFPackageInitParameters `json:"initProvider,omitempty"` } // WAFPackageStatus defines the observed state of WAFPackage. @@ -58,19 +123,21 @@ type WAFPackageStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// WAFPackage is the Schema for the WAFPackages API. +// WAFPackage is the Schema for the WAFPackages API. Provides a Cloudflare WAF rule package resource for a particular zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type WAFPackage struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec WAFPackageSpec `json:"spec"` - Status WAFPackageStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.packageId) || (has(self.initProvider) && has(self.initProvider.packageId))",message="spec.forProvider.packageId is a required parameter" + Spec WAFPackageSpec `json:"spec"` + Status WAFPackageStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waitingroom/v1alpha1/zz_event_terraformed.go b/apis/waitingroom/v1alpha1/zz_event_terraformed.go new file mode 100755 index 0000000..f836588 --- /dev/null +++ b/apis/waitingroom/v1alpha1/zz_event_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Event +func (mg *Event) GetTerraformResourceType() string { + return "cloudflare_waiting_room_event" +} + +// GetConnectionDetailsMapping for this Event +func (tr *Event) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Event +func (tr *Event) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Event +func (tr *Event) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Event +func (tr *Event) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Event +func (tr *Event) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Event +func (tr *Event) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Event +func (tr *Event) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Event +func (tr *Event) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Event using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Event) LateInitialize(attrs []byte) (bool, error) { + params := &EventParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Event) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waitingroom/v1alpha1/zz_event_types.go b/apis/waitingroom/v1alpha1/zz_event_types.go index 4845f3c..ce0153e 100755 --- a/apis/waitingroom/v1alpha1/zz_event_types.go +++ b/apis/waitingroom/v1alpha1/zz_event_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,71 +17,229 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type EventInitParameters struct { + + // (String) This is a templated html file that will be rendered at the edge. + // This is a templated html file that will be rendered at the edge. + CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + + // (String) A description to let users add more details about the event. + // A description to let users add more details about the event. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Disables automatic renewal of session cookies. + // Disables automatic renewal of session cookies. + DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + + // (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + // ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** + EventEndTime *string `json:"eventEndTime,omitempty" tf:"event_end_time,omitempty"` + + // (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + // ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** + EventStartTime *string `json:"eventStartTime,omitempty" tf:"event_start_time,omitempty"` + + // (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + // A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The number of new users that will be let into the route every minute. + // The number of new users that will be let into the route every minute. + NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + + // (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + // ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. + PrequeueStartTime *string `json:"prequeueStartTime,omitempty" tf:"prequeue_start_time,omitempty"` + + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. + // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. + QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + // Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. + ShuffleAtEventStart *bool `json:"shuffleAtEventStart,omitempty" tf:"shuffle_at_event_start,omitempty"` + + // (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + // If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The total number of active user sessions on the route at a point in time. + // The total number of active user sessions on the route at a point in time. + TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + + // (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + // The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Room + WaitingRoomID *string `json:"waitingRoomId,omitempty" tf:"waiting_room_id,omitempty"` + + // Reference to a Room to populate waitingRoomId. + // +kubebuilder:validation:Optional + WaitingRoomIDRef *v1.Reference `json:"waitingRoomIdRef,omitempty" tf:"-"` + + // Selector for a Room to populate waitingRoomId. + // +kubebuilder:validation:Optional + WaitingRoomIDSelector *v1.Selector `json:"waitingRoomIdSelector,omitempty" tf:"-"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type EventObservation struct { + // (String) Creation time. // Creation time. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // (String) This is a templated html file that will be rendered at the edge. + // This is a templated html file that will be rendered at the edge. + CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + + // (String) A description to let users add more details about the event. + // A description to let users add more details about the event. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Disables automatic renewal of session cookies. + // Disables automatic renewal of session cookies. + DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + + // (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + // ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** + EventEndTime *string `json:"eventEndTime,omitempty" tf:"event_end_time,omitempty"` + + // (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + // ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** + EventStartTime *string `json:"eventStartTime,omitempty" tf:"event_start_time,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Last modified time. // Last modified time. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + // A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The number of new users that will be let into the route every minute. + // The number of new users that will be let into the route every minute. + NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + + // (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + // ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. + PrequeueStartTime *string `json:"prequeueStartTime,omitempty" tf:"prequeue_start_time,omitempty"` + + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. + // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. + QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + // Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. + ShuffleAtEventStart *bool `json:"shuffleAtEventStart,omitempty" tf:"shuffle_at_event_start,omitempty"` + + // (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + // If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The total number of active user sessions on the route at a point in time. + // The total number of active user sessions on the route at a point in time. + TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + + // (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + // The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** + WaitingRoomID *string `json:"waitingRoomId,omitempty" tf:"waiting_room_id,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type EventParameters struct { + // (String) This is a templated html file that will be rendered at the edge. // This is a templated html file that will be rendered at the edge. // +kubebuilder:validation:Optional CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + // (String) A description to let users add more details about the event. // A description to let users add more details about the event. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Boolean) Disables automatic renewal of session cookies. // Disables automatic renewal of session cookies. // +kubebuilder:validation:Optional DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + // (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. // ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - EventEndTime *string `json:"eventEndTime" tf:"event_end_time,omitempty"` + // +kubebuilder:validation:Optional + EventEndTime *string `json:"eventEndTime,omitempty" tf:"event_end_time,omitempty"` + // (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. // ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - EventStartTime *string `json:"eventStartTime" tf:"event_start_time,omitempty"` + // +kubebuilder:validation:Optional + EventStartTime *string `json:"eventStartTime,omitempty" tf:"event_start_time,omitempty"` + // (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. // A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Number) The number of new users that will be let into the route every minute. // The number of new users that will be let into the route every minute. // +kubebuilder:validation:Optional NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + // (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. // ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. // +kubebuilder:validation:Optional PrequeueStartTime *string `json:"prequeueStartTime,omitempty" tf:"prequeue_start_time,omitempty"` + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. // +kubebuilder:validation:Optional QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. // +kubebuilder:validation:Optional SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + // (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. // Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. // +kubebuilder:validation:Optional ShuffleAtEventStart *bool `json:"shuffleAtEventStart,omitempty" tf:"shuffle_at_event_start,omitempty"` + // (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. // If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. // +kubebuilder:validation:Optional Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + // (Number) The total number of active user sessions on the route at a point in time. // The total number of active user sessions on the route at a point in time. // +kubebuilder:validation:Optional TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + // (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. // The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Room // +kubebuilder:validation:Optional @@ -91,6 +253,7 @@ type EventParameters struct { // +kubebuilder:validation:Optional WaitingRoomIDSelector *v1.Selector `json:"waitingRoomIdSelector,omitempty" tf:"-"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -109,6 +272,17 @@ type EventParameters struct { type EventSpec struct { v1.ResourceSpec `json:",inline"` ForProvider EventParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider EventInitParameters `json:"initProvider,omitempty"` } // EventStatus defines the observed state of Event. @@ -118,19 +292,23 @@ type EventStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Event is the Schema for the Events API. +// Event is the Schema for the Events API. Provides a Cloudflare Waiting Room Event resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Event struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec EventSpec `json:"spec"` - Status EventStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.eventEndTime) || (has(self.initProvider) && has(self.initProvider.eventEndTime))",message="spec.forProvider.eventEndTime is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.eventStartTime) || (has(self.initProvider) && has(self.initProvider.eventStartTime))",message="spec.forProvider.eventStartTime is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec EventSpec `json:"spec"` + Status EventStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waitingroom/v1alpha1/zz_generated.conversion_hubs.go b/apis/waitingroom/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..9f10467 --- /dev/null +++ b/apis/waitingroom/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Room) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Event) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Rules) Hub() {} diff --git a/apis/waitingroom/v1alpha1/zz_generated.deepcopy.go b/apis/waitingroom/v1alpha1/zz_generated.deepcopy.go index 1d17c5e..a648f72 100644 --- a/apis/waitingroom/v1alpha1/zz_generated.deepcopy.go +++ b/apis/waitingroom/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,116 @@ func (in *Event) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EventInitParameters) DeepCopyInto(out *EventInitParameters) { + *out = *in + if in.CustomPageHTML != nil { + in, out := &in.CustomPageHTML, &out.CustomPageHTML + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisableSessionRenewal != nil { + in, out := &in.DisableSessionRenewal, &out.DisableSessionRenewal + *out = new(bool) + **out = **in + } + if in.EventEndTime != nil { + in, out := &in.EventEndTime, &out.EventEndTime + *out = new(string) + **out = **in + } + if in.EventStartTime != nil { + in, out := &in.EventStartTime, &out.EventStartTime + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NewUsersPerMinute != nil { + in, out := &in.NewUsersPerMinute, &out.NewUsersPerMinute + *out = new(float64) + **out = **in + } + if in.PrequeueStartTime != nil { + in, out := &in.PrequeueStartTime, &out.PrequeueStartTime + *out = new(string) + **out = **in + } + if in.QueueingMethod != nil { + in, out := &in.QueueingMethod, &out.QueueingMethod + *out = new(string) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(float64) + **out = **in + } + if in.ShuffleAtEventStart != nil { + in, out := &in.ShuffleAtEventStart, &out.ShuffleAtEventStart + *out = new(bool) + **out = **in + } + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) + **out = **in + } + if in.TotalActiveUsers != nil { + in, out := &in.TotalActiveUsers, &out.TotalActiveUsers + *out = new(float64) + **out = **in + } + if in.WaitingRoomID != nil { + in, out := &in.WaitingRoomID, &out.WaitingRoomID + *out = new(string) + **out = **in + } + if in.WaitingRoomIDRef != nil { + in, out := &in.WaitingRoomIDRef, &out.WaitingRoomIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.WaitingRoomIDSelector != nil { + in, out := &in.WaitingRoomIDSelector, &out.WaitingRoomIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventInitParameters. +func (in *EventInitParameters) DeepCopy() *EventInitParameters { + if in == nil { + return nil + } + out := new(EventInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EventList) DeepCopyInto(out *EventList) { *out = *in @@ -81,6 +190,31 @@ func (in *EventObservation) DeepCopyInto(out *EventObservation) { *out = new(string) **out = **in } + if in.CustomPageHTML != nil { + in, out := &in.CustomPageHTML, &out.CustomPageHTML + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisableSessionRenewal != nil { + in, out := &in.DisableSessionRenewal, &out.DisableSessionRenewal + *out = new(bool) + **out = **in + } + if in.EventEndTime != nil { + in, out := &in.EventEndTime, &out.EventEndTime + *out = new(string) + **out = **in + } + if in.EventStartTime != nil { + in, out := &in.EventStartTime, &out.EventStartTime + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -91,6 +225,56 @@ func (in *EventObservation) DeepCopyInto(out *EventObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NewUsersPerMinute != nil { + in, out := &in.NewUsersPerMinute, &out.NewUsersPerMinute + *out = new(float64) + **out = **in + } + if in.PrequeueStartTime != nil { + in, out := &in.PrequeueStartTime, &out.PrequeueStartTime + *out = new(string) + **out = **in + } + if in.QueueingMethod != nil { + in, out := &in.QueueingMethod, &out.QueueingMethod + *out = new(string) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(float64) + **out = **in + } + if in.ShuffleAtEventStart != nil { + in, out := &in.ShuffleAtEventStart, &out.ShuffleAtEventStart + *out = new(bool) + **out = **in + } + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) + **out = **in + } + if in.TotalActiveUsers != nil { + in, out := &in.TotalActiveUsers, &out.TotalActiveUsers + *out = new(float64) + **out = **in + } + if in.WaitingRoomID != nil { + in, out := &in.WaitingRoomID, &out.WaitingRoomID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventObservation. @@ -218,6 +402,7 @@ func (in *EventSpec) DeepCopyInto(out *EventSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventSpec. @@ -274,6 +459,106 @@ func (in *Room) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RoomInitParameters) DeepCopyInto(out *RoomInitParameters) { + *out = *in + if in.CustomPageHTML != nil { + in, out := &in.CustomPageHTML, &out.CustomPageHTML + *out = new(string) + **out = **in + } + if in.DefaultTemplateLanguage != nil { + in, out := &in.DefaultTemplateLanguage, &out.DefaultTemplateLanguage + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisableSessionRenewal != nil { + in, out := &in.DisableSessionRenewal, &out.DisableSessionRenewal + *out = new(bool) + **out = **in + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } + if in.JSONResponseEnabled != nil { + in, out := &in.JSONResponseEnabled, &out.JSONResponseEnabled + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NewUsersPerMinute != nil { + in, out := &in.NewUsersPerMinute, &out.NewUsersPerMinute + *out = new(float64) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.QueueAll != nil { + in, out := &in.QueueAll, &out.QueueAll + *out = new(bool) + **out = **in + } + if in.QueueingMethod != nil { + in, out := &in.QueueingMethod, &out.QueueingMethod + *out = new(string) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(float64) + **out = **in + } + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) + **out = **in + } + if in.TotalActiveUsers != nil { + in, out := &in.TotalActiveUsers, &out.TotalActiveUsers + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoomInitParameters. +func (in *RoomInitParameters) DeepCopy() *RoomInitParameters { + if in == nil { + return nil + } + out := new(RoomInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RoomList) DeepCopyInto(out *RoomList) { *out = *in @@ -309,11 +594,86 @@ func (in *RoomList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RoomObservation) DeepCopyInto(out *RoomObservation) { *out = *in + if in.CustomPageHTML != nil { + in, out := &in.CustomPageHTML, &out.CustomPageHTML + *out = new(string) + **out = **in + } + if in.DefaultTemplateLanguage != nil { + in, out := &in.DefaultTemplateLanguage, &out.DefaultTemplateLanguage + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisableSessionRenewal != nil { + in, out := &in.DisableSessionRenewal, &out.DisableSessionRenewal + *out = new(bool) + **out = **in + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.JSONResponseEnabled != nil { + in, out := &in.JSONResponseEnabled, &out.JSONResponseEnabled + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NewUsersPerMinute != nil { + in, out := &in.NewUsersPerMinute, &out.NewUsersPerMinute + *out = new(float64) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.QueueAll != nil { + in, out := &in.QueueAll, &out.QueueAll + *out = new(bool) + **out = **in + } + if in.QueueingMethod != nil { + in, out := &in.QueueingMethod, &out.QueueingMethod + *out = new(string) + **out = **in + } + if in.SessionDuration != nil { + in, out := &in.SessionDuration, &out.SessionDuration + *out = new(float64) + **out = **in + } + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) + **out = **in + } + if in.TotalActiveUsers != nil { + in, out := &in.TotalActiveUsers, &out.TotalActiveUsers + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoomObservation. @@ -431,6 +791,7 @@ func (in *RoomSpec) DeepCopyInto(out *RoomSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoomSpec. @@ -487,6 +848,58 @@ func (in *Rules) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesInitParameters) DeepCopyInto(out *RulesInitParameters) { + *out = *in + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]RulesRulesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WaitingRoomID != nil { + in, out := &in.WaitingRoomID, &out.WaitingRoomID + *out = new(string) + **out = **in + } + if in.WaitingRoomIDRef != nil { + in, out := &in.WaitingRoomIDRef, &out.WaitingRoomIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.WaitingRoomIDSelector != nil { + in, out := &in.WaitingRoomIDSelector, &out.WaitingRoomIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesInitParameters. +func (in *RulesInitParameters) DeepCopy() *RulesInitParameters { + if in == nil { + return nil + } + out := new(RulesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RulesList) DeepCopyInto(out *RulesList) { *out = *in @@ -534,6 +947,16 @@ func (in *RulesObservation) DeepCopyInto(out *RulesObservation) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.WaitingRoomID != nil { + in, out := &in.WaitingRoomID, &out.WaitingRoomID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesObservation. @@ -598,14 +1021,69 @@ func (in *RulesParameters) DeepCopy() *RulesParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RulesRulesInitParameters) DeepCopyInto(out *RulesRulesInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesRulesInitParameters. +func (in *RulesRulesInitParameters) DeepCopy() *RulesRulesInitParameters { + if in == nil { + return nil + } + out := new(RulesRulesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RulesRulesObservation) DeepCopyInto(out *RulesRulesObservation) { *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expression != nil { + in, out := &in.Expression, &out.Expression + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } if in.Version != nil { in, out := &in.Version, &out.Version *out = new(string) @@ -663,6 +1141,7 @@ func (in *RulesSpec) DeepCopyInto(out *RulesSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesSpec. diff --git a/apis/waitingroom/v1alpha1/zz_generated.managed.go b/apis/waitingroom/v1alpha1/zz_generated.managed.go index a8f81a4..bc675c1 100644 --- a/apis/waitingroom/v1alpha1/zz_generated.managed.go +++ b/apis/waitingroom/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Event) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Event. +func (mg *Event) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Event. func (mg *Event) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Event. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Event) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Event. func (mg *Event) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Event) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Event. +func (mg *Event) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Event. func (mg *Event) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Event. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Event) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Event. func (mg *Event) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Room) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Room. +func (mg *Room) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Room. func (mg *Room) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Room. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Room) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Room. func (mg *Room) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Room) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Room. +func (mg *Room) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Room. func (mg *Room) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Room. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Room) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Room. func (mg *Room) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *Rules) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Rules. +func (mg *Rules) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Rules. func (mg *Rules) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Rules. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Rules) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Rules. func (mg *Rules) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *Rules) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Rules. +func (mg *Rules) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Rules. func (mg *Rules) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Rules. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Rules) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Rules. func (mg *Rules) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/waitingroom/v1alpha1/zz_generated.resolvers.go b/apis/waitingroom/v1alpha1/zz_generated.resolvers.go index a6b750e..fe3f3b1 100644 --- a/apis/waitingroom/v1alpha1/zz_generated.resolvers.go +++ b/apis/waitingroom/v1alpha1/zz_generated.resolvers.go @@ -52,6 +52,38 @@ func (mg *Event) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.WaitingRoomID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.WaitingRoomIDRef, + Selector: mg.Spec.InitProvider.WaitingRoomIDSelector, + To: reference.To{ + List: &RoomList{}, + Managed: &Room{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.WaitingRoomID") + } + mg.Spec.InitProvider.WaitingRoomID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.WaitingRoomIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -78,6 +110,22 @@ func (mg *Room) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -120,5 +168,37 @@ func (mg *Rules) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.WaitingRoomID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.WaitingRoomIDRef, + Selector: mg.Spec.InitProvider.WaitingRoomIDSelector, + To: reference.To{ + List: &RoomList{}, + Managed: &Room{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.WaitingRoomID") + } + mg.Spec.InitProvider.WaitingRoomID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.WaitingRoomIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/waitingroom/v1alpha1/zz_generated_terraformed.go b/apis/waitingroom/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index c971667..0000000 --- a/apis/waitingroom/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,236 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Room -func (mg *Room) GetTerraformResourceType() string { - return "cloudflare_waiting_room" -} - -// GetConnectionDetailsMapping for this Room -func (tr *Room) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Room -func (tr *Room) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Room -func (tr *Room) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Room -func (tr *Room) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Room -func (tr *Room) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Room -func (tr *Room) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Room using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Room) LateInitialize(attrs []byte) (bool, error) { - params := &RoomParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Room) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Event -func (mg *Event) GetTerraformResourceType() string { - return "cloudflare_waiting_room_event" -} - -// GetConnectionDetailsMapping for this Event -func (tr *Event) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Event -func (tr *Event) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Event -func (tr *Event) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Event -func (tr *Event) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Event -func (tr *Event) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Event -func (tr *Event) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Event using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Event) LateInitialize(attrs []byte) (bool, error) { - params := &EventParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Event) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Rules -func (mg *Rules) GetTerraformResourceType() string { - return "cloudflare_waiting_room_rules" -} - -// GetConnectionDetailsMapping for this Rules -func (tr *Rules) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Rules -func (tr *Rules) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Rules -func (tr *Rules) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Rules -func (tr *Rules) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Rules -func (tr *Rules) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Rules -func (tr *Rules) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Rules using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Rules) LateInitialize(attrs []byte) (bool, error) { - params := &RulesParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Rules) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/waitingroom/v1alpha1/zz_groupversion_info.go b/apis/waitingroom/v1alpha1/zz_groupversion_info.go index 7fef6cf..e4b6dbf 100755 --- a/apis/waitingroom/v1alpha1/zz_groupversion_info.go +++ b/apis/waitingroom/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/waitingroom/v1alpha1/zz_room_terraformed.go b/apis/waitingroom/v1alpha1/zz_room_terraformed.go new file mode 100755 index 0000000..cbdcc6c --- /dev/null +++ b/apis/waitingroom/v1alpha1/zz_room_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Room +func (mg *Room) GetTerraformResourceType() string { + return "cloudflare_waiting_room" +} + +// GetConnectionDetailsMapping for this Room +func (tr *Room) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Room +func (tr *Room) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Room +func (tr *Room) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Room +func (tr *Room) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Room +func (tr *Room) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Room +func (tr *Room) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Room +func (tr *Room) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Room +func (tr *Room) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Room using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Room) LateInitialize(attrs []byte) (bool, error) { + params := &RoomParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Room) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waitingroom/v1alpha1/zz_room_types.go b/apis/waitingroom/v1alpha1/zz_room_types.go index 7c37c9b..e91b884 100755 --- a/apis/waitingroom/v1alpha1/zz_room_types.go +++ b/apis/waitingroom/v1alpha1/zz_room_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,68 +17,217 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RoomInitParameters struct { + + // (String) This is a templated html file that will be rendered at the edge. + // This is a templated html file that will be rendered at the edge. + CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + + // DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. + // The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. + DefaultTemplateLanguage *string `json:"defaultTemplateLanguage,omitempty" tf:"default_template_language,omitempty"` + + // (String) A description to add more details about the waiting room. + // A description to add more details about the waiting room. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Disables automatic renewal of session cookies. + // Disables automatic renewal of session cookies. + DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + + // (String) Host name for which the waiting room will be applied (no wildcards). + // Host name for which the waiting room will be applied (no wildcards). + Host *string `json:"host,omitempty" tf:"host,omitempty"` + + // (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. + // If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. + JSONResponseEnabled *bool `json:"jsonResponseEnabled,omitempty" tf:"json_response_enabled,omitempty"` + + // (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + // A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The number of new users that will be let into the route every minute. + // The number of new users that will be let into the route every minute. + NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + + // (String) The path within the host to enable the waiting room on. Defaults to /. + // The path within the host to enable the waiting room on. Defaults to `/`. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + // If queue_all is true, then all traffic will be sent to the waiting room. + QueueAll *bool `json:"queueAll,omitempty" tf:"queue_all,omitempty"` + + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. + // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. + QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. + SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Suspends the waiting room. + // Suspends the waiting room. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The total number of active user sessions on the route at a point in time. + // The total number of active user sessions on the route at a point in time. + TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RoomObservation struct { + + // (String) This is a templated html file that will be rendered at the edge. + // This is a templated html file that will be rendered at the edge. + CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + + // DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. + // The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. + DefaultTemplateLanguage *string `json:"defaultTemplateLanguage,omitempty" tf:"default_template_language,omitempty"` + + // (String) A description to add more details about the waiting room. + // A description to add more details about the waiting room. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (Boolean) Disables automatic renewal of session cookies. + // Disables automatic renewal of session cookies. + DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + + // (String) Host name for which the waiting room will be applied (no wildcards). + // Host name for which the waiting room will be applied (no wildcards). + Host *string `json:"host,omitempty" tf:"host,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. + // If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. + JSONResponseEnabled *bool `json:"jsonResponseEnabled,omitempty" tf:"json_response_enabled,omitempty"` + + // (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + // A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The number of new users that will be let into the route every minute. + // The number of new users that will be let into the route every minute. + NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + + // (String) The path within the host to enable the waiting room on. Defaults to /. + // The path within the host to enable the waiting room on. Defaults to `/`. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + // If queue_all is true, then all traffic will be sent to the waiting room. + QueueAll *bool `json:"queueAll,omitempty" tf:"queue_all,omitempty"` + + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. + // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. + QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. + SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + + // (Boolean) Suspends the waiting room. + // Suspends the waiting room. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The total number of active user sessions on the route at a point in time. + // The total number of active user sessions on the route at a point in time. + TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RoomParameters struct { + // (String) This is a templated html file that will be rendered at the edge. // This is a templated html file that will be rendered at the edge. // +kubebuilder:validation:Optional CustomPageHTML *string `json:"customPageHtml,omitempty" tf:"custom_page_html,omitempty"` + // DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. // The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. // +kubebuilder:validation:Optional DefaultTemplateLanguage *string `json:"defaultTemplateLanguage,omitempty" tf:"default_template_language,omitempty"` + // (String) A description to add more details about the waiting room. // A description to add more details about the waiting room. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (Boolean) Disables automatic renewal of session cookies. // Disables automatic renewal of session cookies. // +kubebuilder:validation:Optional DisableSessionRenewal *bool `json:"disableSessionRenewal,omitempty" tf:"disable_session_renewal,omitempty"` + // (String) Host name for which the waiting room will be applied (no wildcards). // Host name for which the waiting room will be applied (no wildcards). - // +kubebuilder:validation:Required - Host *string `json:"host" tf:"host,omitempty"` + // +kubebuilder:validation:Optional + Host *string `json:"host,omitempty" tf:"host,omitempty"` + // (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. // If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. // +kubebuilder:validation:Optional JSONResponseEnabled *bool `json:"jsonResponseEnabled,omitempty" tf:"json_response_enabled,omitempty"` + // (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. // A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Number) The number of new users that will be let into the route every minute. // The number of new users that will be let into the route every minute. - // +kubebuilder:validation:Required - NewUsersPerMinute *float64 `json:"newUsersPerMinute" tf:"new_users_per_minute,omitempty"` + // +kubebuilder:validation:Optional + NewUsersPerMinute *float64 `json:"newUsersPerMinute,omitempty" tf:"new_users_per_minute,omitempty"` + // (String) The path within the host to enable the waiting room on. Defaults to /. // The path within the host to enable the waiting room on. Defaults to `/`. // +kubebuilder:validation:Optional Path *string `json:"path,omitempty" tf:"path,omitempty"` + // (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. // If queue_all is true, then all traffic will be sent to the waiting room. // +kubebuilder:validation:Optional QueueAll *bool `json:"queueAll,omitempty" tf:"queue_all,omitempty"` + // (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. // The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. // +kubebuilder:validation:Optional QueueingMethod *string `json:"queueingMethod,omitempty" tf:"queueing_method,omitempty"` + // (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. // Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. // +kubebuilder:validation:Optional SessionDuration *float64 `json:"sessionDuration,omitempty" tf:"session_duration,omitempty"` + // (Boolean) Suspends the waiting room. // Suspends the waiting room. // +kubebuilder:validation:Optional Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + // (Number) The total number of active user sessions on the route at a point in time. // The total number of active user sessions on the route at a point in time. - // +kubebuilder:validation:Required - TotalActiveUsers *float64 `json:"totalActiveUsers" tf:"total_active_users,omitempty"` + // +kubebuilder:validation:Optional + TotalActiveUsers *float64 `json:"totalActiveUsers,omitempty" tf:"total_active_users,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -93,6 +246,17 @@ type RoomParameters struct { type RoomSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RoomParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RoomInitParameters `json:"initProvider,omitempty"` } // RoomStatus defines the observed state of Room. @@ -102,19 +266,24 @@ type RoomStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Room is the Schema for the Rooms API. +// Room is the Schema for the Rooms API. Provides a Cloudflare Waiting Room resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Room struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RoomSpec `json:"spec"` - Status RoomStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.host) || (has(self.initProvider) && has(self.initProvider.host))",message="spec.forProvider.host is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.newUsersPerMinute) || (has(self.initProvider) && has(self.initProvider.newUsersPerMinute))",message="spec.forProvider.newUsersPerMinute is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.totalActiveUsers) || (has(self.initProvider) && has(self.initProvider.totalActiveUsers))",message="spec.forProvider.totalActiveUsers is a required parameter" + Spec RoomSpec `json:"spec"` + Status RoomStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/waitingroom/v1alpha1/zz_rules_terraformed.go b/apis/waitingroom/v1alpha1/zz_rules_terraformed.go new file mode 100755 index 0000000..fbbbd2a --- /dev/null +++ b/apis/waitingroom/v1alpha1/zz_rules_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Rules +func (mg *Rules) GetTerraformResourceType() string { + return "cloudflare_waiting_room_rules" +} + +// GetConnectionDetailsMapping for this Rules +func (tr *Rules) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Rules +func (tr *Rules) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Rules +func (tr *Rules) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Rules +func (tr *Rules) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Rules +func (tr *Rules) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Rules +func (tr *Rules) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Rules +func (tr *Rules) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Rules +func (tr *Rules) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Rules using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Rules) LateInitialize(attrs []byte) (bool, error) { + params := &RulesParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Rules) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/waitingroom/v1alpha1/zz_rules_types.go b/apis/waitingroom/v1alpha1/zz_rules_types.go index ed82464..0ca4ffd 100755 --- a/apis/waitingroom/v1alpha1/zz_rules_types.go +++ b/apis/waitingroom/v1alpha1/zz_rules_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,65 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RulesInitParameters struct { + + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) + // List of rules to apply to the ruleset. + Rules []RulesRulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + // The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Room + WaitingRoomID *string `json:"waitingRoomId,omitempty" tf:"waiting_room_id,omitempty"` + + // Reference to a Room to populate waitingRoomId. + // +kubebuilder:validation:Optional + WaitingRoomIDRef *v1.Reference `json:"waitingRoomIdRef,omitempty" tf:"-"` + + // Selector for a Room to populate waitingRoomId. + // +kubebuilder:validation:Optional + WaitingRoomIDSelector *v1.Selector `json:"waitingRoomIdSelector,omitempty" tf:"-"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RulesObservation struct { + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rules to apply to the ruleset. - // +kubebuilder:validation:Optional Rules []RulesRulesObservation `json:"rules,omitempty" tf:"rules,omitempty"` + + // (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + // The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** + WaitingRoomID *string `json:"waitingRoomId,omitempty" tf:"waiting_room_id,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RulesParameters struct { + // (Block List) List of rules to apply to the ruleset. (see below for nested schema) // List of rules to apply to the ruleset. // +kubebuilder:validation:Optional Rules []RulesRulesParameters `json:"rules,omitempty" tf:"rules,omitempty"` + // (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. // The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Room // +kubebuilder:validation:Optional @@ -40,6 +89,7 @@ type RulesParameters struct { // +kubebuilder:validation:Optional WaitingRoomIDSelector *v1.Selector `json:"waitingRoomIdSelector,omitempty" tf:"-"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -54,29 +104,70 @@ type RulesParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type RulesRulesInitParameters struct { + + // (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. + // Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) Brief summary of the waiting room rule and its intended use. + // Brief summary of the waiting room rule and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + // Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. + // Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` +} + type RulesRulesObservation struct { + // (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. + // Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. + Action *string `json:"action,omitempty" tf:"action,omitempty"` + + // (String) Brief summary of the waiting room rule and its intended use. + // Brief summary of the waiting room rule and its intended use. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + // Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). + Expression *string `json:"expression,omitempty" tf:"expression,omitempty"` + + // (String) The ID of this resource. // Unique rule identifier. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. + // Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. + Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // (String) Version of the waiting room rule. // Version of the waiting room rule. Version *string `json:"version,omitempty" tf:"version,omitempty"` } type RulesRulesParameters struct { + // (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. // Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Action *string `json:"action" tf:"action,omitempty"` + // (String) Brief summary of the waiting room rule and its intended use. // Brief summary of the waiting room rule and its intended use. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. // Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Expression *string `json:"expression" tf:"expression,omitempty"` + // (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. // Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. // +kubebuilder:validation:Optional Status *string `json:"status,omitempty" tf:"status,omitempty"` @@ -86,6 +177,17 @@ type RulesRulesParameters struct { type RulesSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RulesParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RulesInitParameters `json:"initProvider,omitempty"` } // RulesStatus defines the observed state of Rules. @@ -95,13 +197,14 @@ type RulesStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Rules is the Schema for the Ruless API. +// Rules is the Schema for the Ruless API. Provides a Cloudflare Waiting Room Rules resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Rules struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/warp/v1alpha1/zz_devicepolicycertificates_terraformed.go b/apis/warp/v1alpha1/zz_devicepolicycertificates_terraformed.go new file mode 100755 index 0000000..48e8262 --- /dev/null +++ b/apis/warp/v1alpha1/zz_devicepolicycertificates_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this DevicePolicyCertificates +func (mg *DevicePolicyCertificates) GetTerraformResourceType() string { + return "cloudflare_device_policy_certificates" +} + +// GetConnectionDetailsMapping for this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this DevicePolicyCertificates +func (tr *DevicePolicyCertificates) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this DevicePolicyCertificates using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DevicePolicyCertificates) LateInitialize(attrs []byte) (bool, error) { + params := &DevicePolicyCertificatesParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DevicePolicyCertificates) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_devicepolicycertificates_types.go b/apis/warp/v1alpha1/zz_devicepolicycertificates_types.go index f80af1c..e2e61ec 100755 --- a/apis/warp/v1alpha1/zz_devicepolicycertificates_types.go +++ b/apis/warp/v1alpha1/zz_devicepolicycertificates_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,15 +17,45 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DevicePolicyCertificatesInitParameters struct { + + // True if certificate generation is enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The zone ID where certificate generation is allowed. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type DevicePolicyCertificatesObservation struct { + + // True if certificate generation is enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // ID of the device policy certificates setting. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The zone ID where certificate generation is allowed. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type DevicePolicyCertificatesParameters struct { - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // True if certificate generation is enabled. + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // The zone ID where certificate generation is allowed. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -40,6 +74,17 @@ type DevicePolicyCertificatesParameters struct { type DevicePolicyCertificatesSpec struct { v1.ResourceSpec `json:",inline"` ForProvider DevicePolicyCertificatesParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DevicePolicyCertificatesInitParameters `json:"initProvider,omitempty"` } // DevicePolicyCertificatesStatus defines the observed state of DevicePolicyCertificates. @@ -49,19 +94,21 @@ type DevicePolicyCertificatesStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// DevicePolicyCertificates is the Schema for the DevicePolicyCertificatess API. +// DevicePolicyCertificates is the Schema for the DevicePolicyCertificatess API. Provides a Cloudflare Device Policy Certificates resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type DevicePolicyCertificates struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DevicePolicyCertificatesSpec `json:"spec"` - Status DevicePolicyCertificatesStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + Spec DevicePolicyCertificatesSpec `json:"spec"` + Status DevicePolicyCertificatesStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/warp/v1alpha1/zz_devicepostureintegration_terraformed.go b/apis/warp/v1alpha1/zz_devicepostureintegration_terraformed.go new file mode 100755 index 0000000..5d3c879 --- /dev/null +++ b/apis/warp/v1alpha1/zz_devicepostureintegration_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this DevicePostureIntegration +func (mg *DevicePostureIntegration) GetTerraformResourceType() string { + return "cloudflare_device_posture_integration" +} + +// GetConnectionDetailsMapping for this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"config[*].client_key": "spec.forProvider.config[*].clientKeySecretRef", "config[*].client_secret": "spec.forProvider.config[*].clientSecretSecretRef"} +} + +// GetObservation of this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DevicePostureIntegration +func (tr *DevicePostureIntegration) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DevicePostureIntegration +func (tr *DevicePostureIntegration) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this DevicePostureIntegration +func (tr *DevicePostureIntegration) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this DevicePostureIntegration using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DevicePostureIntegration) LateInitialize(attrs []byte) (bool, error) { + params := &DevicePostureIntegrationParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DevicePostureIntegration) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_devicepostureintegration_types.go b/apis/warp/v1alpha1/zz_devicepostureintegration_types.go index e9af2b2..fe4a3ff 100755 --- a/apis/warp/v1alpha1/zz_devicepostureintegration_types.go +++ b/apis/warp/v1alpha1/zz_devicepostureintegration_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,36 +17,122 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ConfigInitParameters struct { + + // The third-party API's URL. + APIURL *string `json:"apiUrl,omitempty" tf:"api_url,omitempty"` + + // The third-party authorization API URL. + AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + + // The client identifier for authenticating API calls. + ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + + // The customer identifier for authenticating API calls. + CustomerID *string `json:"customerId,omitempty" tf:"customer_id,omitempty"` +} + type ConfigObservation struct { + + // The third-party API's URL. + APIURL *string `json:"apiUrl,omitempty" tf:"api_url,omitempty"` + + // The third-party authorization API URL. + AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + + // The client identifier for authenticating API calls. + ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + + // The customer identifier for authenticating API calls. + CustomerID *string `json:"customerId,omitempty" tf:"customer_id,omitempty"` } type ConfigParameters struct { + // The third-party API's URL. // +kubebuilder:validation:Optional APIURL *string `json:"apiUrl,omitempty" tf:"api_url,omitempty"` + // The third-party authorization API URL. // +kubebuilder:validation:Optional AuthURL *string `json:"authUrl,omitempty" tf:"auth_url,omitempty"` + // The client identifier for authenticating API calls. // +kubebuilder:validation:Optional ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` + // The client key for authenticating API calls. // +kubebuilder:validation:Optional ClientKeySecretRef *v1.SecretKeySelector `json:"clientKeySecretRef,omitempty" tf:"-"` + // The client secret for authenticating API calls. // +kubebuilder:validation:Optional ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"` + // The customer identifier for authenticating API calls. // +kubebuilder:validation:Optional CustomerID *string `json:"customerId,omitempty" tf:"customer_id,omitempty"` } +type DevicePostureIntegrationInitParameters struct { + + // The account to which the device posture integration should be added. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // The device posture integration's connection authorization parameters. + Config []ConfigInitParameters `json:"config,omitempty" tf:"config,omitempty"` + + Identifier *string `json:"identifier,omitempty" tf:"identifier,omitempty"` + + // Indicates the frequency with which to poll the third-party API. + // Must be in the format "1h" or "30m". Valid units are h and m. + Interval *string `json:"interval,omitempty" tf:"interval,omitempty"` + + // Name of the device posture integration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The device posture integration type. Valid values are workspace_one. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type DevicePostureIntegrationObservation struct { + + // The account to which the device posture integration should be added. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // The device posture integration's connection authorization parameters. + Config []ConfigObservation `json:"config,omitempty" tf:"config,omitempty"` + + // ID of the device posture integration. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + Identifier *string `json:"identifier,omitempty" tf:"identifier,omitempty"` + + // Indicates the frequency with which to poll the third-party API. + // Must be in the format "1h" or "30m". Valid units are h and m. + Interval *string `json:"interval,omitempty" tf:"interval,omitempty"` + + // Name of the device posture integration. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The device posture integration type. Valid values are workspace_one. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type DevicePostureIntegrationParameters struct { + // The account to which the device posture integration should be added. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -56,26 +146,42 @@ type DevicePostureIntegrationParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // The device posture integration's connection authorization parameters. // +kubebuilder:validation:Optional Config []ConfigParameters `json:"config,omitempty" tf:"config,omitempty"` // +kubebuilder:validation:Optional Identifier *string `json:"identifier,omitempty" tf:"identifier,omitempty"` + // Indicates the frequency with which to poll the third-party API. + // Must be in the format "1h" or "30m". Valid units are h and m. // +kubebuilder:validation:Optional Interval *string `json:"interval,omitempty" tf:"interval,omitempty"` - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // Name of the device posture integration. + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // The device posture integration type. Valid values are workspace_one. + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` } // DevicePostureIntegrationSpec defines the desired state of DevicePostureIntegration type DevicePostureIntegrationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider DevicePostureIntegrationParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DevicePostureIntegrationInitParameters `json:"initProvider,omitempty"` } // DevicePostureIntegrationStatus defines the observed state of DevicePostureIntegration. @@ -85,19 +191,22 @@ type DevicePostureIntegrationStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// DevicePostureIntegration is the Schema for the DevicePostureIntegrations API. +// DevicePostureIntegration is the Schema for the DevicePostureIntegrations API. Provides a Cloudflare Device Posture Integration resource. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type DevicePostureIntegration struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DevicePostureIntegrationSpec `json:"spec"` - Status DevicePostureIntegrationStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec DevicePostureIntegrationSpec `json:"spec"` + Status DevicePostureIntegrationStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/warp/v1alpha1/zz_deviceposturerule_terraformed.go b/apis/warp/v1alpha1/zz_deviceposturerule_terraformed.go new file mode 100755 index 0000000..58c12d3 --- /dev/null +++ b/apis/warp/v1alpha1/zz_deviceposturerule_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this DevicePostureRule +func (mg *DevicePostureRule) GetTerraformResourceType() string { + return "cloudflare_device_posture_rule" +} + +// GetConnectionDetailsMapping for this DevicePostureRule +func (tr *DevicePostureRule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this DevicePostureRule +func (tr *DevicePostureRule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DevicePostureRule +func (tr *DevicePostureRule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DevicePostureRule +func (tr *DevicePostureRule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DevicePostureRule +func (tr *DevicePostureRule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DevicePostureRule +func (tr *DevicePostureRule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this DevicePostureRule +func (tr *DevicePostureRule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this DevicePostureRule +func (tr *DevicePostureRule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this DevicePostureRule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DevicePostureRule) LateInitialize(attrs []byte) (bool, error) { + params := &DevicePostureRuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DevicePostureRule) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_deviceposturerule_types.go b/apis/warp/v1alpha1/zz_deviceposturerule_types.go index 0fd0ffd..3c4bbd7 100755 --- a/apis/warp/v1alpha1/zz_deviceposturerule_types.go +++ b/apis/warp/v1alpha1/zz_deviceposturerule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,87 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DevicePostureRuleInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + // Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + Expiration *string `json:"expiration,omitempty" tf:"expiration,omitempty"` + + // (Block List) (see below for nested schema) + Input []InputInitParameters `json:"input,omitempty" tf:"input,omitempty"` + + // (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + // The conditions that the client must match to run the rule. + Match []MatchInitParameters `json:"match,omitempty" tf:"match,omitempty"` + + // (String) Name of the device posture rule. + // Name of the device posture rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + Schedule *string `json:"schedule,omitempty" tf:"schedule,omitempty"` + + // (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. + // The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type DevicePostureRuleObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + // Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + Expiration *string `json:"expiration,omitempty" tf:"expiration,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block List) (see below for nested schema) + Input []InputObservation `json:"input,omitempty" tf:"input,omitempty"` + + // (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + // The conditions that the client must match to run the rule. + Match []MatchObservation `json:"match,omitempty" tf:"match,omitempty"` + + // (String) Name of the device posture rule. + // Name of the device posture rule. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + Schedule *string `json:"schedule,omitempty" tf:"schedule,omitempty"` + + // (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. + // The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type DevicePostureRuleParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,104 +111,261 @@ type DevicePostureRuleParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. // Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. // +kubebuilder:validation:Optional Expiration *string `json:"expiration,omitempty" tf:"expiration,omitempty"` + // (Block List) (see below for nested schema) // +kubebuilder:validation:Optional Input []InputParameters `json:"input,omitempty" tf:"input,omitempty"` + // (Block List) The conditions that the client must match to run the rule. (see below for nested schema) // The conditions that the client must match to run the rule. // +kubebuilder:validation:Optional Match []MatchParameters `json:"match,omitempty" tf:"match,omitempty"` + // (String) Name of the device posture rule. // Name of the device posture rule. // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. // +kubebuilder:validation:Optional Schedule *string `json:"schedule,omitempty" tf:"schedule,omitempty"` + // (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. // The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + +type InputInitParameters struct { + + // (String) The workspace one device compliance status. + // The workspace one device compliance status. + ComplianceStatus *string `json:"complianceStatus,omitempty" tf:"compliance_status,omitempty"` + + // (String) The workspace one connection id. + // The workspace one connection id. + ConnectionID *string `json:"connectionId,omitempty" tf:"connection_id,omitempty"` + + // (String) The domain that the client must join. + // The domain that the client must join. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (Boolean) True if the firewall must be enabled. + // True if the firewall must be enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Boolean) Checks if the file should exist. + // Checks if the file should exist. + Exists *bool `json:"exists,omitempty" tf:"exists,omitempty"` + + // (String) The ID of this resource. + // The Teams List id. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The version comparison operator. + // The version comparison operator. + Operator *string `json:"operator,omitempty" tf:"operator,omitempty"` + + // (String) The operating system excluding version information. + // The operating system excluding version information. + OsDistroName *string `json:"osDistroName,omitempty" tf:"os_distro_name,omitempty"` + + // (String) The operating system version excluding OS name information or release name. + // The operating system version excluding OS name information or release name. + OsDistroRevision *string `json:"osDistroRevision,omitempty" tf:"os_distro_revision,omitempty"` + + // (String) The path to the file. + // The path to the file. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Boolean) True if all drives must be encrypted. + // True if all drives must be encrypted. + RequireAll *bool `json:"requireAll,omitempty" tf:"require_all,omitempty"` + + // (Boolean) Checks if the application should be running. + // Checks if the application should be running. + Running *bool `json:"running,omitempty" tf:"running,omitempty"` + + // (String) The sha256 hash of the file. + // The sha256 hash of the file. + Sha256 *string `json:"sha256,omitempty" tf:"sha256,omitempty"` + + // (String) The thumbprint of the file certificate. + // The thumbprint of the file certificate. + Thumbprint *string `json:"thumbprint,omitempty" tf:"thumbprint,omitempty"` + + // (String) The operating system semantic version. + // The operating system semantic version. + Version *string `json:"version,omitempty" tf:"version,omitempty"` } type InputObservation struct { + + // (String) The workspace one device compliance status. + // The workspace one device compliance status. + ComplianceStatus *string `json:"complianceStatus,omitempty" tf:"compliance_status,omitempty"` + + // (String) The workspace one connection id. + // The workspace one connection id. + ConnectionID *string `json:"connectionId,omitempty" tf:"connection_id,omitempty"` + + // (String) The domain that the client must join. + // The domain that the client must join. + Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + + // (Boolean) True if the firewall must be enabled. + // True if the firewall must be enabled. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (Boolean) Checks if the file should exist. + // Checks if the file should exist. + Exists *bool `json:"exists,omitempty" tf:"exists,omitempty"` + + // (String) The ID of this resource. + // The Teams List id. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The version comparison operator. + // The version comparison operator. + Operator *string `json:"operator,omitempty" tf:"operator,omitempty"` + + // (String) The operating system excluding version information. + // The operating system excluding version information. + OsDistroName *string `json:"osDistroName,omitempty" tf:"os_distro_name,omitempty"` + + // (String) The operating system version excluding OS name information or release name. + // The operating system version excluding OS name information or release name. + OsDistroRevision *string `json:"osDistroRevision,omitempty" tf:"os_distro_revision,omitempty"` + + // (String) The path to the file. + // The path to the file. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Boolean) True if all drives must be encrypted. + // True if all drives must be encrypted. + RequireAll *bool `json:"requireAll,omitempty" tf:"require_all,omitempty"` + + // (Boolean) Checks if the application should be running. + // Checks if the application should be running. + Running *bool `json:"running,omitempty" tf:"running,omitempty"` + + // (String) The sha256 hash of the file. + // The sha256 hash of the file. + Sha256 *string `json:"sha256,omitempty" tf:"sha256,omitempty"` + + // (String) The thumbprint of the file certificate. + // The thumbprint of the file certificate. + Thumbprint *string `json:"thumbprint,omitempty" tf:"thumbprint,omitempty"` + + // (String) The operating system semantic version. + // The operating system semantic version. + Version *string `json:"version,omitempty" tf:"version,omitempty"` } type InputParameters struct { + // (String) The workspace one device compliance status. // The workspace one device compliance status. // +kubebuilder:validation:Optional ComplianceStatus *string `json:"complianceStatus,omitempty" tf:"compliance_status,omitempty"` + // (String) The workspace one connection id. // The workspace one connection id. // +kubebuilder:validation:Optional ConnectionID *string `json:"connectionId,omitempty" tf:"connection_id,omitempty"` + // (String) The domain that the client must join. // The domain that the client must join. // +kubebuilder:validation:Optional Domain *string `json:"domain,omitempty" tf:"domain,omitempty"` + // (Boolean) True if the firewall must be enabled. // True if the firewall must be enabled. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (Boolean) Checks if the file should exist. // Checks if the file should exist. // +kubebuilder:validation:Optional Exists *bool `json:"exists,omitempty" tf:"exists,omitempty"` + // (String) The ID of this resource. // The Teams List id. // +kubebuilder:validation:Optional ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (String) The version comparison operator. // The version comparison operator. // +kubebuilder:validation:Optional Operator *string `json:"operator,omitempty" tf:"operator,omitempty"` + // (String) The operating system excluding version information. // The operating system excluding version information. // +kubebuilder:validation:Optional OsDistroName *string `json:"osDistroName,omitempty" tf:"os_distro_name,omitempty"` + // (String) The operating system version excluding OS name information or release name. // The operating system version excluding OS name information or release name. // +kubebuilder:validation:Optional OsDistroRevision *string `json:"osDistroRevision,omitempty" tf:"os_distro_revision,omitempty"` + // (String) The path to the file. // The path to the file. // +kubebuilder:validation:Optional Path *string `json:"path,omitempty" tf:"path,omitempty"` + // (Boolean) True if all drives must be encrypted. // True if all drives must be encrypted. // +kubebuilder:validation:Optional RequireAll *bool `json:"requireAll,omitempty" tf:"require_all,omitempty"` + // (Boolean) Checks if the application should be running. // Checks if the application should be running. // +kubebuilder:validation:Optional Running *bool `json:"running,omitempty" tf:"running,omitempty"` + // (String) The sha256 hash of the file. // The sha256 hash of the file. // +kubebuilder:validation:Optional Sha256 *string `json:"sha256,omitempty" tf:"sha256,omitempty"` + // (String) The thumbprint of the file certificate. // The thumbprint of the file certificate. // +kubebuilder:validation:Optional Thumbprint *string `json:"thumbprint,omitempty" tf:"thumbprint,omitempty"` + // (String) The operating system semantic version. // The operating system semantic version. // +kubebuilder:validation:Optional Version *string `json:"version,omitempty" tf:"version,omitempty"` } +type MatchInitParameters struct { + + // (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. + // The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. + Platform *string `json:"platform,omitempty" tf:"platform,omitempty"` +} + type MatchObservation struct { + + // (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. + // The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. + Platform *string `json:"platform,omitempty" tf:"platform,omitempty"` } type MatchParameters struct { + // (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. // The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. // +kubebuilder:validation:Optional Platform *string `json:"platform,omitempty" tf:"platform,omitempty"` @@ -139,6 +375,17 @@ type MatchParameters struct { type DevicePostureRuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider DevicePostureRuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DevicePostureRuleInitParameters `json:"initProvider,omitempty"` } // DevicePostureRuleStatus defines the observed state of DevicePostureRule. @@ -148,19 +395,21 @@ type DevicePostureRuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// DevicePostureRule is the Schema for the DevicePostureRules API. +// DevicePostureRule is the Schema for the DevicePostureRules API. Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type DevicePostureRule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DevicePostureRuleSpec `json:"spec"` - Status DevicePostureRuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec DevicePostureRuleSpec `json:"spec"` + Status DevicePostureRuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/warp/v1alpha1/zz_devicesettingspolicy_terraformed.go b/apis/warp/v1alpha1/zz_devicesettingspolicy_terraformed.go new file mode 100755 index 0000000..2bef1bf --- /dev/null +++ b/apis/warp/v1alpha1/zz_devicesettingspolicy_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this DeviceSettingsPolicy +func (mg *DeviceSettingsPolicy) GetTerraformResourceType() string { + return "cloudflare_device_settings_policy" +} + +// GetConnectionDetailsMapping for this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this DeviceSettingsPolicy +func (tr *DeviceSettingsPolicy) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this DeviceSettingsPolicy using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DeviceSettingsPolicy) LateInitialize(attrs []byte) (bool, error) { + params := &DeviceSettingsPolicyParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DeviceSettingsPolicy) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_devicesettingspolicy_types.go b/apis/warp/v1alpha1/zz_devicesettingspolicy_types.go index 619518f..3c5cfb5 100755 --- a/apis/warp/v1alpha1/zz_devicesettingspolicy_types.go +++ b/apis/warp/v1alpha1/zz_devicesettingspolicy_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,155 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DeviceSettingsPolicyInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Boolean) Whether to allow mode switch for this policy. + // Whether to allow mode switch for this policy. + AllowModeSwitch *bool `json:"allowModeSwitch,omitempty" tf:"allow_mode_switch,omitempty"` + + // (Boolean) Whether to allow updates under this policy. + // Whether to allow updates under this policy. + AllowUpdates *bool `json:"allowUpdates,omitempty" tf:"allow_updates,omitempty"` + + // (Boolean) Whether to allow devices to leave the organization. Defaults to true. + // Whether to allow devices to leave the organization. Defaults to `true`. + AllowedToLeave *bool `json:"allowedToLeave,omitempty" tf:"allowed_to_leave,omitempty"` + + // (Number) The amount of time in minutes to reconnect after having been disabled. + // The amount of time in minutes to reconnect after having been disabled. + AutoConnect *float64 `json:"autoConnect,omitempty" tf:"auto_connect,omitempty"` + + // (Number) The captive portal value for this policy. Defaults to 180. + // The captive portal value for this policy. Defaults to `180`. + CaptivePortal *float64 `json:"captivePortal,omitempty" tf:"captive_portal,omitempty"` + + // (Boolean) Whether the policy refers to the default account policy. + // Whether the policy refers to the default account policy. + Default *bool `json:"default,omitempty" tf:"default,omitempty"` + + // (Boolean) Whether to disable auto fallback for this policy. + // Whether to disable auto fallback for this policy. + DisableAutoFallback *bool `json:"disableAutoFallback,omitempty" tf:"disable_auto_fallback,omitempty"` + + // (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + // Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + // Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + Match *string `json:"match,omitempty" tf:"match,omitempty"` + + // (String) Name of the policy. + // Name of the policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The precedence of the policy. Lower values indicate higher precedence. + // The precedence of the policy. Lower values indicate higher precedence. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // (String) The service mode. Defaults to warp. + // The service mode. Defaults to `warp`. + ServiceModeV2Mode *string `json:"serviceModeV2Mode,omitempty" tf:"service_mode_v2_mode,omitempty"` + + // (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + // The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. + ServiceModeV2Port *float64 `json:"serviceModeV2Port,omitempty" tf:"service_mode_v2_port,omitempty"` + + // (String) The support URL that will be opened when sending feedback. + // The support URL that will be opened when sending feedback. + SupportURL *string `json:"supportUrl,omitempty" tf:"support_url,omitempty"` + + // (Boolean) Enablement of the ZT client switch lock. + // Enablement of the ZT client switch lock. + SwitchLocked *bool `json:"switchLocked,omitempty" tf:"switch_locked,omitempty"` +} + type DeviceSettingsPolicyObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Boolean) Whether to allow mode switch for this policy. + // Whether to allow mode switch for this policy. + AllowModeSwitch *bool `json:"allowModeSwitch,omitempty" tf:"allow_mode_switch,omitempty"` + + // (Boolean) Whether to allow updates under this policy. + // Whether to allow updates under this policy. + AllowUpdates *bool `json:"allowUpdates,omitempty" tf:"allow_updates,omitempty"` + + // (Boolean) Whether to allow devices to leave the organization. Defaults to true. + // Whether to allow devices to leave the organization. Defaults to `true`. + AllowedToLeave *bool `json:"allowedToLeave,omitempty" tf:"allowed_to_leave,omitempty"` + + // (Number) The amount of time in minutes to reconnect after having been disabled. + // The amount of time in minutes to reconnect after having been disabled. + AutoConnect *float64 `json:"autoConnect,omitempty" tf:"auto_connect,omitempty"` + + // (Number) The captive portal value for this policy. Defaults to 180. + // The captive portal value for this policy. Defaults to `180`. + CaptivePortal *float64 `json:"captivePortal,omitempty" tf:"captive_portal,omitempty"` + + // (Boolean) Whether the policy refers to the default account policy. + // Whether the policy refers to the default account policy. + Default *bool `json:"default,omitempty" tf:"default,omitempty"` + + // (Boolean) Whether to disable auto fallback for this policy. + // Whether to disable auto fallback for this policy. + DisableAutoFallback *bool `json:"disableAutoFallback,omitempty" tf:"disable_auto_fallback,omitempty"` + + // (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + // Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + // Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + Match *string `json:"match,omitempty" tf:"match,omitempty"` + + // (String) Name of the policy. + // Name of the policy. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Number) The precedence of the policy. Lower values indicate higher precedence. + // The precedence of the policy. Lower values indicate higher precedence. + Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + + // (String) The service mode. Defaults to warp. + // The service mode. Defaults to `warp`. + ServiceModeV2Mode *string `json:"serviceModeV2Mode,omitempty" tf:"service_mode_v2_mode,omitempty"` + + // (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + // The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. + ServiceModeV2Port *float64 `json:"serviceModeV2Port,omitempty" tf:"service_mode_v2_port,omitempty"` + + // (String) The support URL that will be opened when sending feedback. + // The support URL that will be opened when sending feedback. + SupportURL *string `json:"supportUrl,omitempty" tf:"support_url,omitempty"` + + // (Boolean) Enablement of the ZT client switch lock. + // Enablement of the ZT client switch lock. + SwitchLocked *bool `json:"switchLocked,omitempty" tf:"switch_locked,omitempty"` } type DeviceSettingsPolicyParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,62 +179,77 @@ type DeviceSettingsPolicyParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Boolean) Whether to allow mode switch for this policy. // Whether to allow mode switch for this policy. // +kubebuilder:validation:Optional AllowModeSwitch *bool `json:"allowModeSwitch,omitempty" tf:"allow_mode_switch,omitempty"` + // (Boolean) Whether to allow updates under this policy. // Whether to allow updates under this policy. // +kubebuilder:validation:Optional AllowUpdates *bool `json:"allowUpdates,omitempty" tf:"allow_updates,omitempty"` + // (Boolean) Whether to allow devices to leave the organization. Defaults to true. // Whether to allow devices to leave the organization. Defaults to `true`. // +kubebuilder:validation:Optional AllowedToLeave *bool `json:"allowedToLeave,omitempty" tf:"allowed_to_leave,omitempty"` + // (Number) The amount of time in minutes to reconnect after having been disabled. // The amount of time in minutes to reconnect after having been disabled. // +kubebuilder:validation:Optional AutoConnect *float64 `json:"autoConnect,omitempty" tf:"auto_connect,omitempty"` + // (Number) The captive portal value for this policy. Defaults to 180. // The captive portal value for this policy. Defaults to `180`. // +kubebuilder:validation:Optional CaptivePortal *float64 `json:"captivePortal,omitempty" tf:"captive_portal,omitempty"` + // (Boolean) Whether the policy refers to the default account policy. // Whether the policy refers to the default account policy. // +kubebuilder:validation:Optional Default *bool `json:"default,omitempty" tf:"default,omitempty"` + // (Boolean) Whether to disable auto fallback for this policy. // Whether to disable auto fallback for this policy. // +kubebuilder:validation:Optional DisableAutoFallback *bool `json:"disableAutoFallback,omitempty" tf:"disable_auto_fallback,omitempty"` + // (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. // Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. // Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. // +kubebuilder:validation:Optional Match *string `json:"match,omitempty" tf:"match,omitempty"` + // (String) Name of the policy. // Name of the policy. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Number) The precedence of the policy. Lower values indicate higher precedence. // The precedence of the policy. Lower values indicate higher precedence. // +kubebuilder:validation:Optional Precedence *float64 `json:"precedence,omitempty" tf:"precedence,omitempty"` + // (String) The service mode. Defaults to warp. // The service mode. Defaults to `warp`. // +kubebuilder:validation:Optional ServiceModeV2Mode *string `json:"serviceModeV2Mode,omitempty" tf:"service_mode_v2_mode,omitempty"` + // (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. // The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. // +kubebuilder:validation:Optional ServiceModeV2Port *float64 `json:"serviceModeV2Port,omitempty" tf:"service_mode_v2_port,omitempty"` + // (String) The support URL that will be opened when sending feedback. // The support URL that will be opened when sending feedback. // +kubebuilder:validation:Optional SupportURL *string `json:"supportUrl,omitempty" tf:"support_url,omitempty"` + // (Boolean) Enablement of the ZT client switch lock. // Enablement of the ZT client switch lock. // +kubebuilder:validation:Optional SwitchLocked *bool `json:"switchLocked,omitempty" tf:"switch_locked,omitempty"` @@ -97,6 +259,17 @@ type DeviceSettingsPolicyParameters struct { type DeviceSettingsPolicySpec struct { v1.ResourceSpec `json:",inline"` ForProvider DeviceSettingsPolicyParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DeviceSettingsPolicyInitParameters `json:"initProvider,omitempty"` } // DeviceSettingsPolicyStatus defines the observed state of DeviceSettingsPolicy. @@ -106,19 +279,21 @@ type DeviceSettingsPolicyStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// DeviceSettingsPolicy is the Schema for the DeviceSettingsPolicys API. +// DeviceSettingsPolicy is the Schema for the DeviceSettingsPolicys API. Provides a Cloudflare Device Settings Policy resource. Device policies configure settings applied to WARP devices. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type DeviceSettingsPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DeviceSettingsPolicySpec `json:"spec"` - Status DeviceSettingsPolicyStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec DeviceSettingsPolicySpec `json:"spec"` + Status DeviceSettingsPolicyStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/warp/v1alpha1/zz_fallbackdomain_terraformed.go b/apis/warp/v1alpha1/zz_fallbackdomain_terraformed.go new file mode 100755 index 0000000..62865d8 --- /dev/null +++ b/apis/warp/v1alpha1/zz_fallbackdomain_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this FallbackDomain +func (mg *FallbackDomain) GetTerraformResourceType() string { + return "cloudflare_fallback_domain" +} + +// GetConnectionDetailsMapping for this FallbackDomain +func (tr *FallbackDomain) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this FallbackDomain +func (tr *FallbackDomain) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this FallbackDomain +func (tr *FallbackDomain) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this FallbackDomain +func (tr *FallbackDomain) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this FallbackDomain +func (tr *FallbackDomain) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this FallbackDomain +func (tr *FallbackDomain) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this FallbackDomain +func (tr *FallbackDomain) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this FallbackDomain +func (tr *FallbackDomain) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this FallbackDomain using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *FallbackDomain) LateInitialize(attrs []byte) (bool, error) { + params := &FallbackDomainParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *FallbackDomain) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_fallbackdomain_types.go b/apis/warp/v1alpha1/zz_fallbackdomain_types.go index e672675..147e51f 100755 --- a/apis/warp/v1alpha1/zz_fallbackdomain_types.go +++ b/apis/warp/v1alpha1/zz_fallbackdomain_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,30 +17,106 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DomainsInitParameters struct { + + // (List of String) A list of IP addresses to handle domain resolution. + // A list of IP addresses to handle domain resolution. + DNSServer []*string `json:"dnsServer,omitempty" tf:"dns_server,omitempty"` + + // (String) A description of the fallback domain, displayed in the client UI. + // A description of the fallback domain, displayed in the client UI. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The domain suffix to match when resolving locally. + // The domain suffix to match when resolving locally. + Suffix *string `json:"suffix,omitempty" tf:"suffix,omitempty"` +} + type DomainsObservation struct { + + // (List of String) A list of IP addresses to handle domain resolution. + // A list of IP addresses to handle domain resolution. + DNSServer []*string `json:"dnsServer,omitempty" tf:"dns_server,omitempty"` + + // (String) A description of the fallback domain, displayed in the client UI. + // A description of the fallback domain, displayed in the client UI. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The domain suffix to match when resolving locally. + // The domain suffix to match when resolving locally. + Suffix *string `json:"suffix,omitempty" tf:"suffix,omitempty"` } type DomainsParameters struct { + // (List of String) A list of IP addresses to handle domain resolution. // A list of IP addresses to handle domain resolution. // +kubebuilder:validation:Optional DNSServer []*string `json:"dnsServer,omitempty" tf:"dns_server,omitempty"` + // (String) A description of the fallback domain, displayed in the client UI. // A description of the fallback domain, displayed in the client UI. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) The domain suffix to match when resolving locally. // The domain suffix to match when resolving locally. // +kubebuilder:validation:Optional Suffix *string `json:"suffix,omitempty" tf:"suffix,omitempty"` } +type FallbackDomainInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Block Set, Min: 1) (see below for nested schema) + Domains []DomainsInitParameters `json:"domains,omitempty" tf:"domains,omitempty"` + + // (String) The settings policy for which to configure this fallback domain policy. + // The settings policy for which to configure this fallback domain policy. + // +crossplane:generate:reference:type=DeviceSettingsPolicy + PolicyID *string `json:"policyId,omitempty" tf:"policy_id,omitempty"` + + // Reference to a DeviceSettingsPolicy to populate policyId. + // +kubebuilder:validation:Optional + PolicyIDRef *v1.Reference `json:"policyIdRef,omitempty" tf:"-"` + + // Selector for a DeviceSettingsPolicy to populate policyId. + // +kubebuilder:validation:Optional + PolicyIDSelector *v1.Selector `json:"policyIdSelector,omitempty" tf:"-"` +} + type FallbackDomainObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block Set, Min: 1) (see below for nested schema) + Domains []DomainsObservation `json:"domains,omitempty" tf:"domains,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The settings policy for which to configure this fallback domain policy. + // The settings policy for which to configure this fallback domain policy. + PolicyID *string `json:"policyId,omitempty" tf:"policy_id,omitempty"` } type FallbackDomainParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -50,9 +130,11 @@ type FallbackDomainParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` - // +kubebuilder:validation:Required - Domains []DomainsParameters `json:"domains" tf:"domains,omitempty"` + // (Block Set, Min: 1) (see below for nested schema) + // +kubebuilder:validation:Optional + Domains []DomainsParameters `json:"domains,omitempty" tf:"domains,omitempty"` + // (String) The settings policy for which to configure this fallback domain policy. // The settings policy for which to configure this fallback domain policy. // +crossplane:generate:reference:type=DeviceSettingsPolicy // +kubebuilder:validation:Optional @@ -71,6 +153,17 @@ type FallbackDomainParameters struct { type FallbackDomainSpec struct { v1.ResourceSpec `json:",inline"` ForProvider FallbackDomainParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider FallbackDomainInitParameters `json:"initProvider,omitempty"` } // FallbackDomainStatus defines the observed state of FallbackDomain. @@ -80,19 +173,21 @@ type FallbackDomainStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// FallbackDomain is the Schema for the FallbackDomains API. +// FallbackDomain is the Schema for the FallbackDomains API. Provides a Cloudflare Fallback Domain resource. Fallback domains are used to ignore DNS requests to a given list of domains. These DNS requests will be passed back to other DNS servers configured on existing network interfaces on the device. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type FallbackDomain struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec FallbackDomainSpec `json:"spec"` - Status FallbackDomainStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.domains) || (has(self.initProvider) && has(self.initProvider.domains))",message="spec.forProvider.domains is a required parameter" + Spec FallbackDomainSpec `json:"spec"` + Status FallbackDomainStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/warp/v1alpha1/zz_generated.conversion_hubs.go b/apis/warp/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..393a9fd --- /dev/null +++ b/apis/warp/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,29 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *DevicePolicyCertificates) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *DevicePostureIntegration) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *DevicePostureRule) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *DeviceSettingsPolicy) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *FallbackDomain) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *SplitTunnel) Hub() {} diff --git a/apis/warp/v1alpha1/zz_generated.deepcopy.go b/apis/warp/v1alpha1/zz_generated.deepcopy.go index 06650b4..994dfcf 100644 --- a/apis/warp/v1alpha1/zz_generated.deepcopy.go +++ b/apis/warp/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,64 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigInitParameters) DeepCopyInto(out *ConfigInitParameters) { + *out = *in + if in.APIURL != nil { + in, out := &in.APIURL, &out.APIURL + *out = new(string) + **out = **in + } + if in.AuthURL != nil { + in, out := &in.AuthURL, &out.AuthURL + *out = new(string) + **out = **in + } + if in.ClientID != nil { + in, out := &in.ClientID, &out.ClientID + *out = new(string) + **out = **in + } + if in.CustomerID != nil { + in, out := &in.CustomerID, &out.CustomerID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigInitParameters. +func (in *ConfigInitParameters) DeepCopy() *ConfigInitParameters { + if in == nil { + return nil + } + out := new(ConfigInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConfigObservation) DeepCopyInto(out *ConfigObservation) { *out = *in + if in.APIURL != nil { + in, out := &in.APIURL, &out.APIURL + *out = new(string) + **out = **in + } + if in.AuthURL != nil { + in, out := &in.AuthURL, &out.AuthURL + *out = new(string) + **out = **in + } + if in.ClientID != nil { + in, out := &in.ClientID, &out.ClientID + *out = new(string) + **out = **in + } + if in.CustomerID != nil { + in, out := &in.CustomerID, &out.CustomerID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigObservation. @@ -101,6 +155,41 @@ func (in *DevicePolicyCertificates) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DevicePolicyCertificatesInitParameters) DeepCopyInto(out *DevicePolicyCertificatesInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePolicyCertificatesInitParameters. +func (in *DevicePolicyCertificatesInitParameters) DeepCopy() *DevicePolicyCertificatesInitParameters { + if in == nil { + return nil + } + out := new(DevicePolicyCertificatesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DevicePolicyCertificatesList) DeepCopyInto(out *DevicePolicyCertificatesList) { *out = *in @@ -136,11 +225,21 @@ func (in *DevicePolicyCertificatesList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DevicePolicyCertificatesObservation) DeepCopyInto(out *DevicePolicyCertificatesObservation) { *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePolicyCertificatesObservation. @@ -193,6 +292,7 @@ func (in *DevicePolicyCertificatesSpec) DeepCopyInto(out *DevicePolicyCertificat *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePolicyCertificatesSpec. @@ -249,6 +349,63 @@ func (in *DevicePostureIntegration) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DevicePostureIntegrationInitParameters) DeepCopyInto(out *DevicePostureIntegrationInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Identifier != nil { + in, out := &in.Identifier, &out.Identifier + *out = new(string) + **out = **in + } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureIntegrationInitParameters. +func (in *DevicePostureIntegrationInitParameters) DeepCopy() *DevicePostureIntegrationInitParameters { + if in == nil { + return nil + } + out := new(DevicePostureIntegrationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DevicePostureIntegrationList) DeepCopyInto(out *DevicePostureIntegrationList) { *out = *in @@ -284,11 +441,43 @@ func (in *DevicePostureIntegrationList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DevicePostureIntegrationObservation) DeepCopyInto(out *DevicePostureIntegrationObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Config != nil { + in, out := &in.Config, &out.Config + *out = make([]ConfigObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Identifier != nil { + in, out := &in.Identifier, &out.Identifier + *out = new(string) + **out = **in + } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureIntegrationObservation. @@ -363,6 +552,7 @@ func (in *DevicePostureIntegrationSpec) DeepCopyInto(out *DevicePostureIntegrati *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureIntegrationSpec. @@ -420,59 +610,7 @@ func (in *DevicePostureRule) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DevicePostureRuleList) DeepCopyInto(out *DevicePostureRuleList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DevicePostureRule, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleList. -func (in *DevicePostureRuleList) DeepCopy() *DevicePostureRuleList { - if in == nil { - return nil - } - out := new(DevicePostureRuleList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DevicePostureRuleList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DevicePostureRuleObservation) DeepCopyInto(out *DevicePostureRuleObservation) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleObservation. -func (in *DevicePostureRuleObservation) DeepCopy() *DevicePostureRuleObservation { - if in == nil { - return nil - } - out := new(DevicePostureRuleObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DevicePostureRuleParameters) DeepCopyInto(out *DevicePostureRuleParameters) { +func (in *DevicePostureRuleInitParameters) DeepCopyInto(out *DevicePostureRuleInitParameters) { *out = *in if in.AccountID != nil { in, out := &in.AccountID, &out.AccountID @@ -501,14 +639,14 @@ func (in *DevicePostureRuleParameters) DeepCopyInto(out *DevicePostureRuleParame } if in.Input != nil { in, out := &in.Input, &out.Input - *out = make([]InputParameters, len(*in)) + *out = make([]InputInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.Match != nil { in, out := &in.Match, &out.Match - *out = make([]MatchParameters, len(*in)) + *out = make([]MatchInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -530,131 +668,245 @@ func (in *DevicePostureRuleParameters) DeepCopyInto(out *DevicePostureRuleParame } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleParameters. -func (in *DevicePostureRuleParameters) DeepCopy() *DevicePostureRuleParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleInitParameters. +func (in *DevicePostureRuleInitParameters) DeepCopy() *DevicePostureRuleInitParameters { if in == nil { return nil } - out := new(DevicePostureRuleParameters) + out := new(DevicePostureRuleInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DevicePostureRuleSpec) DeepCopyInto(out *DevicePostureRuleSpec) { +func (in *DevicePostureRuleList) DeepCopyInto(out *DevicePostureRuleList) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]DevicePostureRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleSpec. -func (in *DevicePostureRuleSpec) DeepCopy() *DevicePostureRuleSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleList. +func (in *DevicePostureRuleList) DeepCopy() *DevicePostureRuleList { if in == nil { return nil } - out := new(DevicePostureRuleSpec) + out := new(DevicePostureRuleList) in.DeepCopyInto(out) return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DevicePostureRuleStatus) DeepCopyInto(out *DevicePostureRuleStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DevicePostureRuleList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleStatus. -func (in *DevicePostureRuleStatus) DeepCopy() *DevicePostureRuleStatus { +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DevicePostureRuleObservation) DeepCopyInto(out *DevicePostureRuleObservation) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expiration != nil { + in, out := &in.Expiration, &out.Expiration + *out = new(string) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Input != nil { + in, out := &in.Input, &out.Input + *out = make([]InputObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = make([]MatchObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Schedule != nil { + in, out := &in.Schedule, &out.Schedule + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleObservation. +func (in *DevicePostureRuleObservation) DeepCopy() *DevicePostureRuleObservation { if in == nil { return nil } - out := new(DevicePostureRuleStatus) + out := new(DevicePostureRuleObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicy) DeepCopyInto(out *DeviceSettingsPolicy) { +func (in *DevicePostureRuleParameters) DeepCopyInto(out *DevicePostureRuleParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Expiration != nil { + in, out := &in.Expiration, &out.Expiration + *out = new(string) + **out = **in + } + if in.Input != nil { + in, out := &in.Input, &out.Input + *out = make([]InputParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = make([]MatchParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Schedule != nil { + in, out := &in.Schedule, &out.Schedule + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicy. -func (in *DeviceSettingsPolicy) DeepCopy() *DeviceSettingsPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleParameters. +func (in *DevicePostureRuleParameters) DeepCopy() *DevicePostureRuleParameters { if in == nil { return nil } - out := new(DeviceSettingsPolicy) + out := new(DevicePostureRuleParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeviceSettingsPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicyList) DeepCopyInto(out *DeviceSettingsPolicyList) { +func (in *DevicePostureRuleSpec) DeepCopyInto(out *DevicePostureRuleSpec) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DeviceSettingsPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyList. -func (in *DeviceSettingsPolicyList) DeepCopy() *DeviceSettingsPolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleSpec. +func (in *DevicePostureRuleSpec) DeepCopy() *DevicePostureRuleSpec { if in == nil { return nil } - out := new(DeviceSettingsPolicyList) + out := new(DevicePostureRuleSpec) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeviceSettingsPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DevicePostureRuleStatus) DeepCopyInto(out *DevicePostureRuleStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicePostureRuleStatus. +func (in *DevicePostureRuleStatus) DeepCopy() *DevicePostureRuleStatus { + if in == nil { + return nil } - return nil + out := new(DevicePostureRuleStatus) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicyObservation) DeepCopyInto(out *DeviceSettingsPolicyObservation) { +func (in *DeviceSettingsPolicy) DeepCopyInto(out *DeviceSettingsPolicy) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyObservation. -func (in *DeviceSettingsPolicyObservation) DeepCopy() *DeviceSettingsPolicyObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicy. +func (in *DeviceSettingsPolicy) DeepCopy() *DeviceSettingsPolicy { if in == nil { return nil } - out := new(DeviceSettingsPolicyObservation) + out := new(DeviceSettingsPolicy) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DeviceSettingsPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicyParameters) DeepCopyInto(out *DeviceSettingsPolicyParameters) { +func (in *DeviceSettingsPolicyInitParameters) DeepCopyInto(out *DeviceSettingsPolicyInitParameters) { *out = *in if in.AccountID != nil { in, out := &in.AccountID, &out.AccountID @@ -748,59 +1000,354 @@ func (in *DeviceSettingsPolicyParameters) DeepCopyInto(out *DeviceSettingsPolicy } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyParameters. -func (in *DeviceSettingsPolicyParameters) DeepCopy() *DeviceSettingsPolicyParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyInitParameters. +func (in *DeviceSettingsPolicyInitParameters) DeepCopy() *DeviceSettingsPolicyInitParameters { if in == nil { return nil } - out := new(DeviceSettingsPolicyParameters) + out := new(DeviceSettingsPolicyInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicySpec) DeepCopyInto(out *DeviceSettingsPolicySpec) { +func (in *DeviceSettingsPolicyList) DeepCopyInto(out *DeviceSettingsPolicyList) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]DeviceSettingsPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicySpec. -func (in *DeviceSettingsPolicySpec) DeepCopy() *DeviceSettingsPolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyList. +func (in *DeviceSettingsPolicyList) DeepCopy() *DeviceSettingsPolicyList { if in == nil { return nil } - out := new(DeviceSettingsPolicySpec) + out := new(DeviceSettingsPolicyList) in.DeepCopyInto(out) return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeviceSettingsPolicyStatus) DeepCopyInto(out *DeviceSettingsPolicyStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyStatus. -func (in *DeviceSettingsPolicyStatus) DeepCopy() *DeviceSettingsPolicyStatus { - if in == nil { - return nil +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DeviceSettingsPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c } - out := new(DeviceSettingsPolicyStatus) - in.DeepCopyInto(out) - return out + return nil } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DomainsObservation) DeepCopyInto(out *DomainsObservation) { +func (in *DeviceSettingsPolicyObservation) DeepCopyInto(out *DeviceSettingsPolicyObservation) { *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainsObservation. -func (in *DomainsObservation) DeepCopy() *DomainsObservation { - if in == nil { - return nil + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AllowModeSwitch != nil { + in, out := &in.AllowModeSwitch, &out.AllowModeSwitch + *out = new(bool) + **out = **in + } + if in.AllowUpdates != nil { + in, out := &in.AllowUpdates, &out.AllowUpdates + *out = new(bool) + **out = **in + } + if in.AllowedToLeave != nil { + in, out := &in.AllowedToLeave, &out.AllowedToLeave + *out = new(bool) + **out = **in + } + if in.AutoConnect != nil { + in, out := &in.AutoConnect, &out.AutoConnect + *out = new(float64) + **out = **in + } + if in.CaptivePortal != nil { + in, out := &in.CaptivePortal, &out.CaptivePortal + *out = new(float64) + **out = **in + } + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(bool) + **out = **in + } + if in.DisableAutoFallback != nil { + in, out := &in.DisableAutoFallback, &out.DisableAutoFallback + *out = new(bool) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in + } + if in.ServiceModeV2Mode != nil { + in, out := &in.ServiceModeV2Mode, &out.ServiceModeV2Mode + *out = new(string) + **out = **in + } + if in.ServiceModeV2Port != nil { + in, out := &in.ServiceModeV2Port, &out.ServiceModeV2Port + *out = new(float64) + **out = **in + } + if in.SupportURL != nil { + in, out := &in.SupportURL, &out.SupportURL + *out = new(string) + **out = **in + } + if in.SwitchLocked != nil { + in, out := &in.SwitchLocked, &out.SwitchLocked + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyObservation. +func (in *DeviceSettingsPolicyObservation) DeepCopy() *DeviceSettingsPolicyObservation { + if in == nil { + return nil + } + out := new(DeviceSettingsPolicyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceSettingsPolicyParameters) DeepCopyInto(out *DeviceSettingsPolicyParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.AllowModeSwitch != nil { + in, out := &in.AllowModeSwitch, &out.AllowModeSwitch + *out = new(bool) + **out = **in + } + if in.AllowUpdates != nil { + in, out := &in.AllowUpdates, &out.AllowUpdates + *out = new(bool) + **out = **in + } + if in.AllowedToLeave != nil { + in, out := &in.AllowedToLeave, &out.AllowedToLeave + *out = new(bool) + **out = **in + } + if in.AutoConnect != nil { + in, out := &in.AutoConnect, &out.AutoConnect + *out = new(float64) + **out = **in + } + if in.CaptivePortal != nil { + in, out := &in.CaptivePortal, &out.CaptivePortal + *out = new(float64) + **out = **in + } + if in.Default != nil { + in, out := &in.Default, &out.Default + *out = new(bool) + **out = **in + } + if in.DisableAutoFallback != nil { + in, out := &in.DisableAutoFallback, &out.DisableAutoFallback + *out = new(bool) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Precedence != nil { + in, out := &in.Precedence, &out.Precedence + *out = new(float64) + **out = **in + } + if in.ServiceModeV2Mode != nil { + in, out := &in.ServiceModeV2Mode, &out.ServiceModeV2Mode + *out = new(string) + **out = **in + } + if in.ServiceModeV2Port != nil { + in, out := &in.ServiceModeV2Port, &out.ServiceModeV2Port + *out = new(float64) + **out = **in + } + if in.SupportURL != nil { + in, out := &in.SupportURL, &out.SupportURL + *out = new(string) + **out = **in + } + if in.SwitchLocked != nil { + in, out := &in.SwitchLocked, &out.SwitchLocked + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyParameters. +func (in *DeviceSettingsPolicyParameters) DeepCopy() *DeviceSettingsPolicyParameters { + if in == nil { + return nil + } + out := new(DeviceSettingsPolicyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceSettingsPolicySpec) DeepCopyInto(out *DeviceSettingsPolicySpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicySpec. +func (in *DeviceSettingsPolicySpec) DeepCopy() *DeviceSettingsPolicySpec { + if in == nil { + return nil + } + out := new(DeviceSettingsPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceSettingsPolicyStatus) DeepCopyInto(out *DeviceSettingsPolicyStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSettingsPolicyStatus. +func (in *DeviceSettingsPolicyStatus) DeepCopy() *DeviceSettingsPolicyStatus { + if in == nil { + return nil + } + out := new(DeviceSettingsPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainsInitParameters) DeepCopyInto(out *DomainsInitParameters) { + *out = *in + if in.DNSServer != nil { + in, out := &in.DNSServer, &out.DNSServer + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Suffix != nil { + in, out := &in.Suffix, &out.Suffix + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainsInitParameters. +func (in *DomainsInitParameters) DeepCopy() *DomainsInitParameters { + if in == nil { + return nil + } + out := new(DomainsInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainsObservation) DeepCopyInto(out *DomainsObservation) { + *out = *in + if in.DNSServer != nil { + in, out := &in.DNSServer, &out.DNSServer + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Suffix != nil { + in, out := &in.Suffix, &out.Suffix + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainsObservation. +func (in *DomainsObservation) DeepCopy() *DomainsObservation { + if in == nil { + return nil } out := new(DomainsObservation) in.DeepCopyInto(out) @@ -808,209 +1355,444 @@ func (in *DomainsObservation) DeepCopy() *DomainsObservation { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DomainsParameters) DeepCopyInto(out *DomainsParameters) { +func (in *DomainsParameters) DeepCopyInto(out *DomainsParameters) { + *out = *in + if in.DNSServer != nil { + in, out := &in.DNSServer, &out.DNSServer + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Suffix != nil { + in, out := &in.Suffix, &out.Suffix + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainsParameters. +func (in *DomainsParameters) DeepCopy() *DomainsParameters { + if in == nil { + return nil + } + out := new(DomainsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackDomain) DeepCopyInto(out *FallbackDomain) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomain. +func (in *FallbackDomain) DeepCopy() *FallbackDomain { + if in == nil { + return nil + } + out := new(FallbackDomain) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FallbackDomain) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackDomainInitParameters) DeepCopyInto(out *FallbackDomainInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Domains != nil { + in, out := &in.Domains, &out.Domains + *out = make([]DomainsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PolicyID != nil { + in, out := &in.PolicyID, &out.PolicyID + *out = new(string) + **out = **in + } + if in.PolicyIDRef != nil { + in, out := &in.PolicyIDRef, &out.PolicyIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.PolicyIDSelector != nil { + in, out := &in.PolicyIDSelector, &out.PolicyIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainInitParameters. +func (in *FallbackDomainInitParameters) DeepCopy() *FallbackDomainInitParameters { + if in == nil { + return nil + } + out := new(FallbackDomainInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackDomainList) DeepCopyInto(out *FallbackDomainList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]FallbackDomain, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainList. +func (in *FallbackDomainList) DeepCopy() *FallbackDomainList { + if in == nil { + return nil + } + out := new(FallbackDomainList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FallbackDomainList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackDomainObservation) DeepCopyInto(out *FallbackDomainObservation) { *out = *in - if in.DNSServer != nil { - in, out := &in.DNSServer, &out.DNSServer - *out = make([]*string, len(*in)) + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.Domains != nil { + in, out := &in.Domains, &out.Domains + *out = make([]DomainsObservation, len(*in)) for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } + (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Description != nil { - in, out := &in.Description, &out.Description + if in.ID != nil { + in, out := &in.ID, &out.ID *out = new(string) **out = **in } - if in.Suffix != nil { - in, out := &in.Suffix, &out.Suffix + if in.PolicyID != nil { + in, out := &in.PolicyID, &out.PolicyID *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainsParameters. -func (in *DomainsParameters) DeepCopy() *DomainsParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainObservation. +func (in *FallbackDomainObservation) DeepCopy() *FallbackDomainObservation { if in == nil { return nil } - out := new(DomainsParameters) + out := new(FallbackDomainObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomain) DeepCopyInto(out *FallbackDomain) { +func (in *FallbackDomainParameters) DeepCopyInto(out *FallbackDomainParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Domains != nil { + in, out := &in.Domains, &out.Domains + *out = make([]DomainsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PolicyID != nil { + in, out := &in.PolicyID, &out.PolicyID + *out = new(string) + **out = **in + } + if in.PolicyIDRef != nil { + in, out := &in.PolicyIDRef, &out.PolicyIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.PolicyIDSelector != nil { + in, out := &in.PolicyIDSelector, &out.PolicyIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomain. -func (in *FallbackDomain) DeepCopy() *FallbackDomain { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainParameters. +func (in *FallbackDomainParameters) DeepCopy() *FallbackDomainParameters { if in == nil { return nil } - out := new(FallbackDomain) + out := new(FallbackDomainParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FallbackDomain) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FallbackDomainSpec) DeepCopyInto(out *FallbackDomainSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainSpec. +func (in *FallbackDomainSpec) DeepCopy() *FallbackDomainSpec { + if in == nil { + return nil } - return nil + out := new(FallbackDomainSpec) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomainList) DeepCopyInto(out *FallbackDomainList) { +func (in *FallbackDomainStatus) DeepCopyInto(out *FallbackDomainStatus) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]FallbackDomain, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainList. -func (in *FallbackDomainList) DeepCopy() *FallbackDomainList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainStatus. +func (in *FallbackDomainStatus) DeepCopy() *FallbackDomainStatus { if in == nil { return nil } - out := new(FallbackDomainList) + out := new(FallbackDomainStatus) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *FallbackDomainList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InputInitParameters) DeepCopyInto(out *InputInitParameters) { + *out = *in + if in.ComplianceStatus != nil { + in, out := &in.ComplianceStatus, &out.ComplianceStatus + *out = new(string) + **out = **in } - return nil + if in.ConnectionID != nil { + in, out := &in.ConnectionID, &out.ConnectionID + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Exists != nil { + in, out := &in.Exists, &out.Exists + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Operator != nil { + in, out := &in.Operator, &out.Operator + *out = new(string) + **out = **in + } + if in.OsDistroName != nil { + in, out := &in.OsDistroName, &out.OsDistroName + *out = new(string) + **out = **in + } + if in.OsDistroRevision != nil { + in, out := &in.OsDistroRevision, &out.OsDistroRevision + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.RequireAll != nil { + in, out := &in.RequireAll, &out.RequireAll + *out = new(bool) + **out = **in + } + if in.Running != nil { + in, out := &in.Running, &out.Running + *out = new(bool) + **out = **in + } + if in.Sha256 != nil { + in, out := &in.Sha256, &out.Sha256 + *out = new(string) + **out = **in + } + if in.Thumbprint != nil { + in, out := &in.Thumbprint, &out.Thumbprint + *out = new(string) + **out = **in + } + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InputInitParameters. +func (in *InputInitParameters) DeepCopy() *InputInitParameters { + if in == nil { + return nil + } + out := new(InputInitParameters) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomainObservation) DeepCopyInto(out *FallbackDomainObservation) { +func (in *InputObservation) DeepCopyInto(out *InputObservation) { *out = *in + if in.ComplianceStatus != nil { + in, out := &in.ComplianceStatus, &out.ComplianceStatus + *out = new(string) + **out = **in + } + if in.ConnectionID != nil { + in, out := &in.ConnectionID, &out.ConnectionID + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Exists != nil { + in, out := &in.Exists, &out.Exists + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainObservation. -func (in *FallbackDomainObservation) DeepCopy() *FallbackDomainObservation { - if in == nil { - return nil - } - out := new(FallbackDomainObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomainParameters) DeepCopyInto(out *FallbackDomainParameters) { - *out = *in - if in.AccountID != nil { - in, out := &in.AccountID, &out.AccountID + if in.Operator != nil { + in, out := &in.Operator, &out.Operator *out = new(string) **out = **in } - if in.AccountIDRef != nil { - in, out := &in.AccountIDRef, &out.AccountIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.AccountIDSelector != nil { - in, out := &in.AccountIDSelector, &out.AccountIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.OsDistroName != nil { + in, out := &in.OsDistroName, &out.OsDistroName + *out = new(string) + **out = **in } - if in.Domains != nil { - in, out := &in.Domains, &out.Domains - *out = make([]DomainsParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.OsDistroRevision != nil { + in, out := &in.OsDistroRevision, &out.OsDistroRevision + *out = new(string) + **out = **in } - if in.PolicyID != nil { - in, out := &in.PolicyID, &out.PolicyID + if in.Path != nil { + in, out := &in.Path, &out.Path *out = new(string) **out = **in } - if in.PolicyIDRef != nil { - in, out := &in.PolicyIDRef, &out.PolicyIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) + if in.RequireAll != nil { + in, out := &in.RequireAll, &out.RequireAll + *out = new(bool) + **out = **in } - if in.PolicyIDSelector != nil { - in, out := &in.PolicyIDSelector, &out.PolicyIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.Running != nil { + in, out := &in.Running, &out.Running + *out = new(bool) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainParameters. -func (in *FallbackDomainParameters) DeepCopy() *FallbackDomainParameters { - if in == nil { - return nil + if in.Sha256 != nil { + in, out := &in.Sha256, &out.Sha256 + *out = new(string) + **out = **in } - out := new(FallbackDomainParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomainSpec) DeepCopyInto(out *FallbackDomainSpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainSpec. -func (in *FallbackDomainSpec) DeepCopy() *FallbackDomainSpec { - if in == nil { - return nil + if in.Thumbprint != nil { + in, out := &in.Thumbprint, &out.Thumbprint + *out = new(string) + **out = **in } - out := new(FallbackDomainSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FallbackDomainStatus) DeepCopyInto(out *FallbackDomainStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FallbackDomainStatus. -func (in *FallbackDomainStatus) DeepCopy() *FallbackDomainStatus { - if in == nil { - return nil + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in } - out := new(FallbackDomainStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InputObservation) DeepCopyInto(out *InputObservation) { - *out = *in } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InputObservation. @@ -1113,9 +1895,34 @@ func (in *InputParameters) DeepCopy() *InputParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchInitParameters) DeepCopyInto(out *MatchInitParameters) { + *out = *in + if in.Platform != nil { + in, out := &in.Platform, &out.Platform + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchInitParameters. +func (in *MatchInitParameters) DeepCopy() *MatchInitParameters { + if in == nil { + return nil + } + out := new(MatchInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MatchObservation) DeepCopyInto(out *MatchObservation) { *out = *in + if in.Platform != nil { + in, out := &in.Platform, &out.Platform + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchObservation. @@ -1175,6 +1982,63 @@ func (in *SplitTunnel) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SplitTunnelInitParameters) DeepCopyInto(out *SplitTunnelInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PolicyID != nil { + in, out := &in.PolicyID, &out.PolicyID + *out = new(string) + **out = **in + } + if in.PolicyIDRef != nil { + in, out := &in.PolicyIDRef, &out.PolicyIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.PolicyIDSelector != nil { + in, out := &in.PolicyIDSelector, &out.PolicyIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Tunnels != nil { + in, out := &in.Tunnels, &out.Tunnels + *out = make([]TunnelsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplitTunnelInitParameters. +func (in *SplitTunnelInitParameters) DeepCopy() *SplitTunnelInitParameters { + if in == nil { + return nil + } + out := new(SplitTunnelInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SplitTunnelList) DeepCopyInto(out *SplitTunnelList) { *out = *in @@ -1210,11 +2074,33 @@ func (in *SplitTunnelList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SplitTunnelObservation) DeepCopyInto(out *SplitTunnelObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.PolicyID != nil { + in, out := &in.PolicyID, &out.PolicyID + *out = new(string) + **out = **in + } + if in.Tunnels != nil { + in, out := &in.Tunnels, &out.Tunnels + *out = make([]TunnelsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplitTunnelObservation. @@ -1289,6 +2175,7 @@ func (in *SplitTunnelSpec) DeepCopyInto(out *SplitTunnelSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplitTunnelSpec. @@ -1318,9 +2205,54 @@ func (in *SplitTunnelStatus) DeepCopy() *SplitTunnelStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TunnelsInitParameters) DeepCopyInto(out *TunnelsInitParameters) { + *out = *in + if in.Address != nil { + in, out := &in.Address, &out.Address + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelsInitParameters. +func (in *TunnelsInitParameters) DeepCopy() *TunnelsInitParameters { + if in == nil { + return nil + } + out := new(TunnelsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TunnelsObservation) DeepCopyInto(out *TunnelsObservation) { *out = *in + if in.Address != nil { + in, out := &in.Address, &out.Address + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TunnelsObservation. diff --git a/apis/warp/v1alpha1/zz_generated.managed.go b/apis/warp/v1alpha1/zz_generated.managed.go index c980efd..f784bfc 100644 --- a/apis/warp/v1alpha1/zz_generated.managed.go +++ b/apis/warp/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *DevicePolicyCertificates) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this DevicePolicyCertificates. +func (mg *DevicePolicyCertificates) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this DevicePolicyCertificates. func (mg *DevicePolicyCertificates) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this DevicePolicyCertificates. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *DevicePolicyCertificates) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this DevicePolicyCertificates. func (mg *DevicePolicyCertificates) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *DevicePolicyCertificates) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this DevicePolicyCertificates. +func (mg *DevicePolicyCertificates) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this DevicePolicyCertificates. func (mg *DevicePolicyCertificates) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this DevicePolicyCertificates. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *DevicePolicyCertificates) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this DevicePolicyCertificates. func (mg *DevicePolicyCertificates) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *DevicePostureIntegration) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this DevicePostureIntegration. +func (mg *DevicePostureIntegration) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this DevicePostureIntegration. func (mg *DevicePostureIntegration) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this DevicePostureIntegration. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *DevicePostureIntegration) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this DevicePostureIntegration. func (mg *DevicePostureIntegration) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *DevicePostureIntegration) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this DevicePostureIntegration. +func (mg *DevicePostureIntegration) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this DevicePostureIntegration. func (mg *DevicePostureIntegration) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this DevicePostureIntegration. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *DevicePostureIntegration) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this DevicePostureIntegration. func (mg *DevicePostureIntegration) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *DevicePostureRule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this DevicePostureRule. +func (mg *DevicePostureRule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this DevicePostureRule. func (mg *DevicePostureRule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this DevicePostureRule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *DevicePostureRule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this DevicePostureRule. func (mg *DevicePostureRule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *DevicePostureRule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this DevicePostureRule. +func (mg *DevicePostureRule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this DevicePostureRule. func (mg *DevicePostureRule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this DevicePostureRule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *DevicePostureRule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this DevicePostureRule. func (mg *DevicePostureRule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *DeviceSettingsPolicy) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this DeviceSettingsPolicy. +func (mg *DeviceSettingsPolicy) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this DeviceSettingsPolicy. func (mg *DeviceSettingsPolicy) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this DeviceSettingsPolicy. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *DeviceSettingsPolicy) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this DeviceSettingsPolicy. func (mg *DeviceSettingsPolicy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *DeviceSettingsPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this DeviceSettingsPolicy. +func (mg *DeviceSettingsPolicy) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this DeviceSettingsPolicy. func (mg *DeviceSettingsPolicy) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this DeviceSettingsPolicy. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *DeviceSettingsPolicy) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this DeviceSettingsPolicy. func (mg *DeviceSettingsPolicy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *FallbackDomain) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this FallbackDomain. +func (mg *FallbackDomain) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this FallbackDomain. func (mg *FallbackDomain) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this FallbackDomain. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *FallbackDomain) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this FallbackDomain. func (mg *FallbackDomain) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *FallbackDomain) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this FallbackDomain. +func (mg *FallbackDomain) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this FallbackDomain. func (mg *FallbackDomain) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this FallbackDomain. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *FallbackDomain) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this FallbackDomain. func (mg *FallbackDomain) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -347,19 +317,16 @@ func (mg *SplitTunnel) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this SplitTunnel. +func (mg *SplitTunnel) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this SplitTunnel. func (mg *SplitTunnel) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this SplitTunnel. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *SplitTunnel) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this SplitTunnel. func (mg *SplitTunnel) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -380,19 +347,16 @@ func (mg *SplitTunnel) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this SplitTunnel. +func (mg *SplitTunnel) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this SplitTunnel. func (mg *SplitTunnel) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this SplitTunnel. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *SplitTunnel) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this SplitTunnel. func (mg *SplitTunnel) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/warp/v1alpha1/zz_generated.resolvers.go b/apis/warp/v1alpha1/zz_generated.resolvers.go index 2c7b43c..94ba2f8 100644 --- a/apis/warp/v1alpha1/zz_generated.resolvers.go +++ b/apis/warp/v1alpha1/zz_generated.resolvers.go @@ -37,6 +37,22 @@ func (mg *DevicePolicyCertificates) ResolveReferences(ctx context.Context, c cli mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -63,6 +79,22 @@ func (mg *DevicePostureIntegration) ResolveReferences(ctx context.Context, c cli mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -89,6 +121,22 @@ func (mg *DevicePostureRule) ResolveReferences(ctx context.Context, c client.Rea mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -115,6 +163,22 @@ func (mg *DeviceSettingsPolicy) ResolveReferences(ctx context.Context, c client. mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -157,6 +221,38 @@ func (mg *FallbackDomain) ResolveReferences(ctx context.Context, c client.Reader mg.Spec.ForProvider.PolicyID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.PolicyIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.PolicyID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.PolicyIDRef, + Selector: mg.Spec.InitProvider.PolicyIDSelector, + To: reference.To{ + List: &DeviceSettingsPolicyList{}, + Managed: &DeviceSettingsPolicy{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.PolicyID") + } + mg.Spec.InitProvider.PolicyID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.PolicyIDRef = rsp.ResolvedReference + return nil } @@ -199,5 +295,37 @@ func (mg *SplitTunnel) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.PolicyID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.PolicyIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha11.AccountList{}, + Managed: &v1alpha11.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.PolicyID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.PolicyIDRef, + Selector: mg.Spec.InitProvider.PolicyIDSelector, + To: reference.To{ + List: &DeviceSettingsPolicyList{}, + Managed: &DeviceSettingsPolicy{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.PolicyID") + } + mg.Spec.InitProvider.PolicyID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.PolicyIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/warp/v1alpha1/zz_generated_terraformed.go b/apis/warp/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 9af5fe5..0000000 --- a/apis/warp/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,458 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this DevicePolicyCertificates -func (mg *DevicePolicyCertificates) GetTerraformResourceType() string { - return "cloudflare_device_policy_certificates" -} - -// GetConnectionDetailsMapping for this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this DevicePolicyCertificates -func (tr *DevicePolicyCertificates) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this DevicePolicyCertificates using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *DevicePolicyCertificates) LateInitialize(attrs []byte) (bool, error) { - params := &DevicePolicyCertificatesParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *DevicePolicyCertificates) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this DevicePostureIntegration -func (mg *DevicePostureIntegration) GetTerraformResourceType() string { - return "cloudflare_device_posture_integration" -} - -// GetConnectionDetailsMapping for this DevicePostureIntegration -func (tr *DevicePostureIntegration) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"config[*].client_key": "spec.forProvider.config[*].clientKeySecretRef", "config[*].client_secret": "spec.forProvider.config[*].clientSecretSecretRef"} -} - -// GetObservation of this DevicePostureIntegration -func (tr *DevicePostureIntegration) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this DevicePostureIntegration -func (tr *DevicePostureIntegration) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this DevicePostureIntegration -func (tr *DevicePostureIntegration) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this DevicePostureIntegration -func (tr *DevicePostureIntegration) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this DevicePostureIntegration -func (tr *DevicePostureIntegration) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this DevicePostureIntegration using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *DevicePostureIntegration) LateInitialize(attrs []byte) (bool, error) { - params := &DevicePostureIntegrationParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *DevicePostureIntegration) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this DevicePostureRule -func (mg *DevicePostureRule) GetTerraformResourceType() string { - return "cloudflare_device_posture_rule" -} - -// GetConnectionDetailsMapping for this DevicePostureRule -func (tr *DevicePostureRule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this DevicePostureRule -func (tr *DevicePostureRule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this DevicePostureRule -func (tr *DevicePostureRule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this DevicePostureRule -func (tr *DevicePostureRule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this DevicePostureRule -func (tr *DevicePostureRule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this DevicePostureRule -func (tr *DevicePostureRule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this DevicePostureRule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *DevicePostureRule) LateInitialize(attrs []byte) (bool, error) { - params := &DevicePostureRuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *DevicePostureRule) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this DeviceSettingsPolicy -func (mg *DeviceSettingsPolicy) GetTerraformResourceType() string { - return "cloudflare_device_settings_policy" -} - -// GetConnectionDetailsMapping for this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this DeviceSettingsPolicy -func (tr *DeviceSettingsPolicy) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this DeviceSettingsPolicy using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *DeviceSettingsPolicy) LateInitialize(attrs []byte) (bool, error) { - params := &DeviceSettingsPolicyParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *DeviceSettingsPolicy) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this FallbackDomain -func (mg *FallbackDomain) GetTerraformResourceType() string { - return "cloudflare_fallback_domain" -} - -// GetConnectionDetailsMapping for this FallbackDomain -func (tr *FallbackDomain) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this FallbackDomain -func (tr *FallbackDomain) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this FallbackDomain -func (tr *FallbackDomain) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this FallbackDomain -func (tr *FallbackDomain) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this FallbackDomain -func (tr *FallbackDomain) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this FallbackDomain -func (tr *FallbackDomain) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this FallbackDomain using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *FallbackDomain) LateInitialize(attrs []byte) (bool, error) { - params := &FallbackDomainParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *FallbackDomain) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this SplitTunnel -func (mg *SplitTunnel) GetTerraformResourceType() string { - return "cloudflare_split_tunnel" -} - -// GetConnectionDetailsMapping for this SplitTunnel -func (tr *SplitTunnel) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this SplitTunnel -func (tr *SplitTunnel) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this SplitTunnel -func (tr *SplitTunnel) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this SplitTunnel -func (tr *SplitTunnel) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this SplitTunnel -func (tr *SplitTunnel) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this SplitTunnel -func (tr *SplitTunnel) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this SplitTunnel using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *SplitTunnel) LateInitialize(attrs []byte) (bool, error) { - params := &SplitTunnelParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *SplitTunnel) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/warp/v1alpha1/zz_groupversion_info.go b/apis/warp/v1alpha1/zz_groupversion_info.go index 05972b3..26f0756 100755 --- a/apis/warp/v1alpha1/zz_groupversion_info.go +++ b/apis/warp/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/warp/v1alpha1/zz_splittunnel_terraformed.go b/apis/warp/v1alpha1/zz_splittunnel_terraformed.go new file mode 100755 index 0000000..f6df821 --- /dev/null +++ b/apis/warp/v1alpha1/zz_splittunnel_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this SplitTunnel +func (mg *SplitTunnel) GetTerraformResourceType() string { + return "cloudflare_split_tunnel" +} + +// GetConnectionDetailsMapping for this SplitTunnel +func (tr *SplitTunnel) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this SplitTunnel +func (tr *SplitTunnel) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this SplitTunnel +func (tr *SplitTunnel) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this SplitTunnel +func (tr *SplitTunnel) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this SplitTunnel +func (tr *SplitTunnel) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this SplitTunnel +func (tr *SplitTunnel) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this SplitTunnel +func (tr *SplitTunnel) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this SplitTunnel +func (tr *SplitTunnel) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this SplitTunnel using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *SplitTunnel) LateInitialize(attrs []byte) (bool, error) { + params := &SplitTunnelParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *SplitTunnel) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/warp/v1alpha1/zz_splittunnel_types.go b/apis/warp/v1alpha1/zz_splittunnel_types.go index 906c649..7870f3e 100755 --- a/apis/warp/v1alpha1/zz_splittunnel_types.go +++ b/apis/warp/v1alpha1/zz_splittunnel_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,68 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type SplitTunnelInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) The mode of the split tunnel policy. Available values: include, exclude. + // The mode of the split tunnel policy. Available values: `include`, `exclude`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) The settings policy for which to configure this split tunnel policy. + // The settings policy for which to configure this split tunnel policy. + // +crossplane:generate:reference:type=DeviceSettingsPolicy + PolicyID *string `json:"policyId,omitempty" tf:"policy_id,omitempty"` + + // Reference to a DeviceSettingsPolicy to populate policyId. + // +kubebuilder:validation:Optional + PolicyIDRef *v1.Reference `json:"policyIdRef,omitempty" tf:"-"` + + // Selector for a DeviceSettingsPolicy to populate policyId. + // +kubebuilder:validation:Optional + PolicyIDSelector *v1.Selector `json:"policyIdSelector,omitempty" tf:"-"` + + // (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) + // The value of the tunnel attributes. + Tunnels []TunnelsInitParameters `json:"tunnels,omitempty" tf:"tunnels,omitempty"` +} + type SplitTunnelObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The mode of the split tunnel policy. Available values: include, exclude. + // The mode of the split tunnel policy. Available values: `include`, `exclude`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (String) The settings policy for which to configure this split tunnel policy. + // The settings policy for which to configure this split tunnel policy. + PolicyID *string `json:"policyId,omitempty" tf:"policy_id,omitempty"` + + // (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) + // The value of the tunnel attributes. + Tunnels []TunnelsObservation `json:"tunnels,omitempty" tf:"tunnels,omitempty"` } type SplitTunnelParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,10 +92,12 @@ type SplitTunnelParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) The mode of the split tunnel policy. Available values: include, exclude. // The mode of the split tunnel policy. Available values: `include`, `exclude`. - // +kubebuilder:validation:Required - Mode *string `json:"mode" tf:"mode,omitempty"` + // +kubebuilder:validation:Optional + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // (String) The settings policy for which to configure this split tunnel policy. // The settings policy for which to configure this split tunnel policy. // +crossplane:generate:reference:type=DeviceSettingsPolicy // +kubebuilder:validation:Optional @@ -49,24 +111,55 @@ type SplitTunnelParameters struct { // +kubebuilder:validation:Optional PolicyIDSelector *v1.Selector `json:"policyIdSelector,omitempty" tf:"-"` + // (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) // The value of the tunnel attributes. - // +kubebuilder:validation:Required - Tunnels []TunnelsParameters `json:"tunnels" tf:"tunnels,omitempty"` + // +kubebuilder:validation:Optional + Tunnels []TunnelsParameters `json:"tunnels,omitempty" tf:"tunnels,omitempty"` +} + +type TunnelsInitParameters struct { + + // (String) The address for the tunnel. + // The address for the tunnel. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // (String) A description for the tunnel. + // A description for the tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The domain name for the tunnel. + // The domain name for the tunnel. + Host *string `json:"host,omitempty" tf:"host,omitempty"` } type TunnelsObservation struct { + + // (String) The address for the tunnel. + // The address for the tunnel. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // (String) A description for the tunnel. + // A description for the tunnel. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The domain name for the tunnel. + // The domain name for the tunnel. + Host *string `json:"host,omitempty" tf:"host,omitempty"` } type TunnelsParameters struct { + // (String) The address for the tunnel. // The address for the tunnel. // +kubebuilder:validation:Optional Address *string `json:"address,omitempty" tf:"address,omitempty"` + // (String) A description for the tunnel. // A description for the tunnel. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) The domain name for the tunnel. // The domain name for the tunnel. // +kubebuilder:validation:Optional Host *string `json:"host,omitempty" tf:"host,omitempty"` @@ -76,6 +169,17 @@ type TunnelsParameters struct { type SplitTunnelSpec struct { v1.ResourceSpec `json:",inline"` ForProvider SplitTunnelParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider SplitTunnelInitParameters `json:"initProvider,omitempty"` } // SplitTunnelStatus defines the observed state of SplitTunnel. @@ -85,19 +189,22 @@ type SplitTunnelStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// SplitTunnel is the Schema for the SplitTunnels API. +// SplitTunnel is the Schema for the SplitTunnels API. Provides a Cloudflare Split Tunnel resource. Split tunnels are used to either include or exclude lists of routes from the WARP client's tunnel. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type SplitTunnel struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec SplitTunnelSpec `json:"spec"` - Status SplitTunnelStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.mode) || (has(self.initProvider) && has(self.initProvider.mode))",message="spec.forProvider.mode is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.tunnels) || (has(self.initProvider) && has(self.initProvider.tunnels))",message="spec.forProvider.tunnels is a required parameter" + Spec SplitTunnelSpec `json:"spec"` + Status SplitTunnelStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/web3/v1alpha1/zz_generated.conversion_hubs.go b/apis/web3/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..ed7ab90 --- /dev/null +++ b/apis/web3/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,14 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Hostname) Hub() {} diff --git a/apis/web3/v1alpha1/zz_generated.deepcopy.go b/apis/web3/v1alpha1/zz_generated.deepcopy.go index ef65fa8..df1f8df 100644 --- a/apis/web3/v1alpha1/zz_generated.deepcopy.go +++ b/apis/web3/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -41,6 +40,56 @@ func (in *Hostname) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HostnameInitParameters) DeepCopyInto(out *HostnameInitParameters) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Dnslink != nil { + in, out := &in.Dnslink, &out.Dnslink + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameInitParameters. +func (in *HostnameInitParameters) DeepCopy() *HostnameInitParameters { + if in == nil { + return nil + } + out := new(HostnameInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HostnameList) DeepCopyInto(out *HostnameList) { *out = *in @@ -81,6 +130,16 @@ func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { *out = new(string) **out = **in } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Dnslink != nil { + in, out := &in.Dnslink, &out.Dnslink + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) @@ -91,11 +150,26 @@ func (in *HostnameObservation) DeepCopyInto(out *HostnameObservation) { *out = new(string) **out = **in } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) **out = **in } + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameObservation. @@ -163,6 +237,7 @@ func (in *HostnameSpec) DeepCopyInto(out *HostnameSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostnameSpec. diff --git a/apis/web3/v1alpha1/zz_generated.managed.go b/apis/web3/v1alpha1/zz_generated.managed.go index 0cf2bce..cb3fa09 100644 --- a/apis/web3/v1alpha1/zz_generated.managed.go +++ b/apis/web3/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *Hostname) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Hostname. +func (mg *Hostname) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Hostname. func (mg *Hostname) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Hostname. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Hostname) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Hostname. func (mg *Hostname) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *Hostname) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Hostname. +func (mg *Hostname) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Hostname. func (mg *Hostname) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Hostname. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Hostname) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Hostname. func (mg *Hostname) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/web3/v1alpha1/zz_generated.resolvers.go b/apis/web3/v1alpha1/zz_generated.resolvers.go index dd483b6..43ba558 100644 --- a/apis/web3/v1alpha1/zz_generated.resolvers.go +++ b/apis/web3/v1alpha1/zz_generated.resolvers.go @@ -36,5 +36,21 @@ func (mg *Hostname) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha1.ZoneList{}, + Managed: &v1alpha1.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/web3/v1alpha1/zz_groupversion_info.go b/apis/web3/v1alpha1/zz_groupversion_info.go index f082c05..eb85163 100755 --- a/apis/web3/v1alpha1/zz_groupversion_info.go +++ b/apis/web3/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/web3/v1alpha1/zz_generated_terraformed.go b/apis/web3/v1alpha1/zz_hostname_terraformed.go similarity index 60% rename from apis/web3/v1alpha1/zz_generated_terraformed.go rename to apis/web3/v1alpha1/zz_hostname_terraformed.go index 577f4cd..45ab811 100755 --- a/apis/web3/v1alpha1/zz_generated_terraformed.go +++ b/apis/web3/v1alpha1/zz_hostname_terraformed.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -7,10 +11,11 @@ Copyright 2022 Upbound Inc. package v1alpha1 import ( + "dario.cat/mergo" "github.com/pkg/errors" - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" ) // GetTerraformResourceType returns Terraform resource type for this Hostname @@ -69,6 +74,46 @@ func (tr *Hostname) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Hostname +func (tr *Hostname) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Hostname +func (tr *Hostname) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + // LateInitialize this Hostname using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Hostname) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/web3/v1alpha1/zz_hostname_types.go b/apis/web3/v1alpha1/zz_hostname_types.go index b1f288c..9862fc6 100755 --- a/apis/web3/v1alpha1/zz_hostname_types.go +++ b/apis/web3/v1alpha1/zz_hostname_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,18 +17,60 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type HostnameInitParameters struct { + + // An optional description of the hostname. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // DNSLink value used if the target is ipfs. + Dnslink *string `json:"dnslink,omitempty" tf:"dnslink,omitempty"` + + // The hostname that will point to the target gateway via CNAME. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // Target gateway of the hostname. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type HostnameObservation struct { // Creation time. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // An optional description of the hostname. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // DNSLink value used if the target is ipfs. + Dnslink *string `json:"dnslink,omitempty" tf:"dnslink,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` // Last modification time. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + // The hostname that will point to the target gateway via CNAME. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // Status of the hostname's activation. Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // Target gateway of the hostname. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type HostnameParameters struct { @@ -38,12 +84,12 @@ type HostnameParameters struct { Dnslink *string `json:"dnslink,omitempty" tf:"dnslink,omitempty"` // The hostname that will point to the target gateway via CNAME. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` // Target gateway of the hostname. - // +kubebuilder:validation:Required - Target *string `json:"target" tf:"target,omitempty"` + // +kubebuilder:validation:Optional + Target *string `json:"target,omitempty" tf:"target,omitempty"` // The zone identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone @@ -63,6 +109,17 @@ type HostnameParameters struct { type HostnameSpec struct { v1.ResourceSpec `json:",inline"` ForProvider HostnameParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider HostnameInitParameters `json:"initProvider,omitempty"` } // HostnameStatus defines the observed state of Hostname. @@ -72,19 +129,22 @@ type HostnameStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion // Hostname is the Schema for the Hostnames API. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Hostname struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec HostnameSpec `json:"spec"` - Status HostnameStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.target) || (has(self.initProvider) && has(self.initProvider.target))",message="spec.forProvider.target is a required parameter" + Spec HostnameSpec `json:"spec"` + Status HostnameStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/worker/v1alpha1/zz_crontrigger_terraformed.go b/apis/worker/v1alpha1/zz_crontrigger_terraformed.go new file mode 100755 index 0000000..0ac8c0d --- /dev/null +++ b/apis/worker/v1alpha1/zz_crontrigger_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this CronTrigger +func (mg *CronTrigger) GetTerraformResourceType() string { + return "cloudflare_worker_cron_trigger" +} + +// GetConnectionDetailsMapping for this CronTrigger +func (tr *CronTrigger) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this CronTrigger +func (tr *CronTrigger) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this CronTrigger +func (tr *CronTrigger) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this CronTrigger +func (tr *CronTrigger) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this CronTrigger +func (tr *CronTrigger) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this CronTrigger +func (tr *CronTrigger) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this CronTrigger +func (tr *CronTrigger) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this CronTrigger +func (tr *CronTrigger) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this CronTrigger using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *CronTrigger) LateInitialize(attrs []byte) (bool, error) { + params := &CronTriggerParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *CronTrigger) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/worker/v1alpha1/zz_crontrigger_types.go b/apis/worker/v1alpha1/zz_crontrigger_types.go index f0179c9..d922cc7 100755 --- a/apis/worker/v1alpha1/zz_crontrigger_types.go +++ b/apis/worker/v1alpha1/zz_crontrigger_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,62 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CronTriggerInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Set of String) Cron expressions to execute the Worker script. + // Cron expressions to execute the Worker script. + // +listType=set + Schedules []*string `json:"schedules,omitempty" tf:"schedules,omitempty"` + + // (String) Worker script to target for the schedules. + // Worker script to target for the schedules. + // +crossplane:generate:reference:type=Script + ScriptName *string `json:"scriptName,omitempty" tf:"script_name,omitempty"` + + // Reference to a Script to populate scriptName. + // +kubebuilder:validation:Optional + ScriptNameRef *v1.Reference `json:"scriptNameRef,omitempty" tf:"-"` + + // Selector for a Script to populate scriptName. + // +kubebuilder:validation:Optional + ScriptNameSelector *v1.Selector `json:"scriptNameSelector,omitempty" tf:"-"` +} + type CronTriggerObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Set of String) Cron expressions to execute the Worker script. + // Cron expressions to execute the Worker script. + // +listType=set + Schedules []*string `json:"schedules,omitempty" tf:"schedules,omitempty"` + + // (String) Worker script to target for the schedules. + // Worker script to target for the schedules. + ScriptName *string `json:"scriptName,omitempty" tf:"script_name,omitempty"` } type CronTriggerParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,10 +86,13 @@ type CronTriggerParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Set of String) Cron expressions to execute the Worker script. // Cron expressions to execute the Worker script. - // +kubebuilder:validation:Required - Schedules []*string `json:"schedules" tf:"schedules,omitempty"` + // +kubebuilder:validation:Optional + // +listType=set + Schedules []*string `json:"schedules,omitempty" tf:"schedules,omitempty"` + // (String) Worker script to target for the schedules. // Worker script to target for the schedules. // +crossplane:generate:reference:type=Script // +kubebuilder:validation:Optional @@ -54,6 +111,17 @@ type CronTriggerParameters struct { type CronTriggerSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CronTriggerParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CronTriggerInitParameters `json:"initProvider,omitempty"` } // CronTriggerStatus defines the observed state of CronTrigger. @@ -63,19 +131,21 @@ type CronTriggerStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// CronTrigger is the Schema for the CronTriggers API. +// CronTrigger is the Schema for the CronTriggers API. Worker Cron Triggers allow users to map a cron expression to a Worker script using a ScheduledEvent listener that enables Workers to be executed on a schedule. Worker Cron Triggers are ideal for running periodic jobs for maintenance or calling third-party APIs to collect up-to-date data. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type CronTrigger struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec CronTriggerSpec `json:"spec"` - Status CronTriggerStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.schedules) || (has(self.initProvider) && has(self.initProvider.schedules))",message="spec.forProvider.schedules is a required parameter" + Spec CronTriggerSpec `json:"spec"` + Status CronTriggerStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/worker/v1alpha1/zz_generated.conversion_hubs.go b/apis/worker/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..82c7d41 --- /dev/null +++ b/apis/worker/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,26 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *CronTrigger) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Route) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Script) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *KV) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *KVNamespace) Hub() {} diff --git a/apis/worker/v1alpha1/zz_generated.deepcopy.go b/apis/worker/v1alpha1/zz_generated.deepcopy.go index 44ae5b0..c51eec3 100644 --- a/apis/worker/v1alpha1/zz_generated.deepcopy.go +++ b/apis/worker/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,44 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AnalyticsEngineBindingInitParameters) DeepCopyInto(out *AnalyticsEngineBindingInitParameters) { + *out = *in + if in.Dataset != nil { + in, out := &in.Dataset, &out.Dataset + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AnalyticsEngineBindingInitParameters. +func (in *AnalyticsEngineBindingInitParameters) DeepCopy() *AnalyticsEngineBindingInitParameters { + if in == nil { + return nil + } + out := new(AnalyticsEngineBindingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AnalyticsEngineBindingObservation) DeepCopyInto(out *AnalyticsEngineBindingObservation) { *out = *in + if in.Dataset != nil { + in, out := &in.Dataset, &out.Dataset + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AnalyticsEngineBindingObservation. @@ -81,6 +115,62 @@ func (in *CronTrigger) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CronTriggerInitParameters) DeepCopyInto(out *CronTriggerInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Schedules != nil { + in, out := &in.Schedules, &out.Schedules + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ScriptName != nil { + in, out := &in.ScriptName, &out.ScriptName + *out = new(string) + **out = **in + } + if in.ScriptNameRef != nil { + in, out := &in.ScriptNameRef, &out.ScriptNameRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ScriptNameSelector != nil { + in, out := &in.ScriptNameSelector, &out.ScriptNameSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CronTriggerInitParameters. +func (in *CronTriggerInitParameters) DeepCopy() *CronTriggerInitParameters { + if in == nil { + return nil + } + out := new(CronTriggerInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CronTriggerList) DeepCopyInto(out *CronTriggerList) { *out = *in @@ -116,11 +206,32 @@ func (in *CronTriggerList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CronTriggerObservation) DeepCopyInto(out *CronTriggerObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Schedules != nil { + in, out := &in.Schedules, &out.Schedules + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ScriptName != nil { + in, out := &in.ScriptName, &out.ScriptName + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CronTriggerObservation. @@ -194,6 +305,7 @@ func (in *CronTriggerSpec) DeepCopyInto(out *CronTriggerSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CronTriggerSpec. @@ -250,6 +362,61 @@ func (in *KV) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KVInitParameters) DeepCopyInto(out *KVInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) + **out = **in + } + if in.NamespaceID != nil { + in, out := &in.NamespaceID, &out.NamespaceID + *out = new(string) + **out = **in + } + if in.NamespaceIDRef != nil { + in, out := &in.NamespaceIDRef, &out.NamespaceIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.NamespaceIDSelector != nil { + in, out := &in.NamespaceIDSelector, &out.NamespaceIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVInitParameters. +func (in *KVInitParameters) DeepCopy() *KVInitParameters { + if in == nil { + return nil + } + out := new(KVInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KVList) DeepCopyInto(out *KVList) { *out = *in @@ -309,6 +476,41 @@ func (in *KVNamespace) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KVNamespaceInitParameters) DeepCopyInto(out *KVNamespaceInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Title != nil { + in, out := &in.Title, &out.Title + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVNamespaceInitParameters. +func (in *KVNamespaceInitParameters) DeepCopy() *KVNamespaceInitParameters { + if in == nil { + return nil + } + out := new(KVNamespaceInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KVNamespaceList) DeepCopyInto(out *KVNamespaceList) { *out = *in @@ -344,11 +546,21 @@ func (in *KVNamespaceList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KVNamespaceObservation) DeepCopyInto(out *KVNamespaceObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Title != nil { + in, out := &in.Title, &out.Title + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVNamespaceObservation. @@ -401,6 +613,7 @@ func (in *KVNamespaceSpec) DeepCopyInto(out *KVNamespaceSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVNamespaceSpec. @@ -433,11 +646,31 @@ func (in *KVNamespaceStatus) DeepCopy() *KVNamespaceStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KVObservation) DeepCopyInto(out *KVObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) + **out = **in + } + if in.NamespaceID != nil { + in, out := &in.NamespaceID, &out.NamespaceID + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVObservation. @@ -510,6 +743,7 @@ func (in *KVSpec) DeepCopyInto(out *KVSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KVSpec. @@ -540,22 +774,7 @@ func (in *KVStatus) DeepCopy() *KVStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KvNamespaceBindingObservation) DeepCopyInto(out *KvNamespaceBindingObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KvNamespaceBindingObservation. -func (in *KvNamespaceBindingObservation) DeepCopy() *KvNamespaceBindingObservation { - if in == nil { - return nil - } - out := new(KvNamespaceBindingObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KvNamespaceBindingParameters) DeepCopyInto(out *KvNamespaceBindingParameters) { +func (in *KvNamespaceBindingInitParameters) DeepCopyInto(out *KvNamespaceBindingInitParameters) { *out = *in if in.Name != nil { in, out := &in.Name, &out.Name @@ -579,40 +798,135 @@ func (in *KvNamespaceBindingParameters) DeepCopyInto(out *KvNamespaceBindingPara } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KvNamespaceBindingParameters. -func (in *KvNamespaceBindingParameters) DeepCopy() *KvNamespaceBindingParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KvNamespaceBindingInitParameters. +func (in *KvNamespaceBindingInitParameters) DeepCopy() *KvNamespaceBindingInitParameters { if in == nil { return nil } - out := new(KvNamespaceBindingParameters) + out := new(KvNamespaceBindingInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PlainTextBindingObservation) DeepCopyInto(out *PlainTextBindingObservation) { +func (in *KvNamespaceBindingObservation) DeepCopyInto(out *KvNamespaceBindingObservation) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NamespaceID != nil { + in, out := &in.NamespaceID, &out.NamespaceID + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlainTextBindingObservation. -func (in *PlainTextBindingObservation) DeepCopy() *PlainTextBindingObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KvNamespaceBindingObservation. +func (in *KvNamespaceBindingObservation) DeepCopy() *KvNamespaceBindingObservation { if in == nil { return nil } - out := new(PlainTextBindingObservation) + out := new(KvNamespaceBindingObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PlainTextBindingParameters) DeepCopyInto(out *PlainTextBindingParameters) { +func (in *KvNamespaceBindingParameters) DeepCopyInto(out *KvNamespaceBindingParameters) { *out = *in if in.Name != nil { in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.Text != nil { + if in.NamespaceID != nil { + in, out := &in.NamespaceID, &out.NamespaceID + *out = new(string) + **out = **in + } + if in.NamespaceIDRef != nil { + in, out := &in.NamespaceIDRef, &out.NamespaceIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.NamespaceIDSelector != nil { + in, out := &in.NamespaceIDSelector, &out.NamespaceIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KvNamespaceBindingParameters. +func (in *KvNamespaceBindingParameters) DeepCopy() *KvNamespaceBindingParameters { + if in == nil { + return nil + } + out := new(KvNamespaceBindingParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PlainTextBindingInitParameters) DeepCopyInto(out *PlainTextBindingInitParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Text != nil { + in, out := &in.Text, &out.Text + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlainTextBindingInitParameters. +func (in *PlainTextBindingInitParameters) DeepCopy() *PlainTextBindingInitParameters { + if in == nil { + return nil + } + out := new(PlainTextBindingInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PlainTextBindingObservation) DeepCopyInto(out *PlainTextBindingObservation) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Text != nil { + in, out := &in.Text, &out.Text + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlainTextBindingObservation. +func (in *PlainTextBindingObservation) DeepCopy() *PlainTextBindingObservation { + if in == nil { + return nil + } + out := new(PlainTextBindingObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PlainTextBindingParameters) DeepCopyInto(out *PlainTextBindingParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Text != nil { in, out := &in.Text, &out.Text *out = new(string) **out = **in @@ -629,9 +943,44 @@ func (in *PlainTextBindingParameters) DeepCopy() *PlainTextBindingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *R2BucketBindingInitParameters) DeepCopyInto(out *R2BucketBindingInitParameters) { + *out = *in + if in.BucketName != nil { + in, out := &in.BucketName, &out.BucketName + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new R2BucketBindingInitParameters. +func (in *R2BucketBindingInitParameters) DeepCopy() *R2BucketBindingInitParameters { + if in == nil { + return nil + } + out := new(R2BucketBindingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *R2BucketBindingObservation) DeepCopyInto(out *R2BucketBindingObservation) { *out = *in + if in.BucketName != nil { + in, out := &in.BucketName, &out.BucketName + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new R2BucketBindingObservation. @@ -696,6 +1045,56 @@ func (in *Route) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RouteInitParameters) DeepCopyInto(out *RouteInitParameters) { + *out = *in + if in.Pattern != nil { + in, out := &in.Pattern, &out.Pattern + *out = new(string) + **out = **in + } + if in.ScriptName != nil { + in, out := &in.ScriptName, &out.ScriptName + *out = new(string) + **out = **in + } + if in.ScriptNameRef != nil { + in, out := &in.ScriptNameRef, &out.ScriptNameRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ScriptNameSelector != nil { + in, out := &in.ScriptNameSelector, &out.ScriptNameSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteInitParameters. +func (in *RouteInitParameters) DeepCopy() *RouteInitParameters { + if in == nil { + return nil + } + out := new(RouteInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RouteList) DeepCopyInto(out *RouteList) { *out = *in @@ -736,6 +1135,21 @@ func (in *RouteObservation) DeepCopyInto(out *RouteObservation) { *out = new(string) **out = **in } + if in.Pattern != nil { + in, out := &in.Pattern, &out.Pattern + *out = new(string) + **out = **in + } + if in.ScriptName != nil { + in, out := &in.ScriptName, &out.ScriptName + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteObservation. @@ -803,6 +1217,7 @@ func (in *RouteSpec) DeepCopyInto(out *RouteSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteSpec. @@ -859,6 +1274,90 @@ func (in *Script) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ScriptInitParameters) DeepCopyInto(out *ScriptInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AnalyticsEngineBinding != nil { + in, out := &in.AnalyticsEngineBinding, &out.AnalyticsEngineBinding + *out = make([]AnalyticsEngineBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } + if in.KvNamespaceBinding != nil { + in, out := &in.KvNamespaceBinding, &out.KvNamespaceBinding + *out = make([]KvNamespaceBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Module != nil { + in, out := &in.Module, &out.Module + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PlainTextBinding != nil { + in, out := &in.PlainTextBinding, &out.PlainTextBinding + *out = make([]PlainTextBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.R2BucketBinding != nil { + in, out := &in.R2BucketBinding, &out.R2BucketBinding + *out = make([]R2BucketBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SecretTextBinding != nil { + in, out := &in.SecretTextBinding, &out.SecretTextBinding + *out = make([]SecretTextBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceBinding != nil { + in, out := &in.ServiceBinding, &out.ServiceBinding + *out = make([]ServiceBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WebassemblyBinding != nil { + in, out := &in.WebassemblyBinding, &out.WebassemblyBinding + *out = make([]WebassemblyBindingInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScriptInitParameters. +func (in *ScriptInitParameters) DeepCopy() *ScriptInitParameters { + if in == nil { + return nil + } + out := new(ScriptInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ScriptList) DeepCopyInto(out *ScriptList) { *out = *in @@ -894,11 +1393,80 @@ func (in *ScriptList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ScriptObservation) DeepCopyInto(out *ScriptObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AnalyticsEngineBinding != nil { + in, out := &in.AnalyticsEngineBinding, &out.AnalyticsEngineBinding + *out = make([]AnalyticsEngineBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Content != nil { + in, out := &in.Content, &out.Content + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.KvNamespaceBinding != nil { + in, out := &in.KvNamespaceBinding, &out.KvNamespaceBinding + *out = make([]KvNamespaceBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Module != nil { + in, out := &in.Module, &out.Module + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PlainTextBinding != nil { + in, out := &in.PlainTextBinding, &out.PlainTextBinding + *out = make([]PlainTextBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.R2BucketBinding != nil { + in, out := &in.R2BucketBinding, &out.R2BucketBinding + *out = make([]R2BucketBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SecretTextBinding != nil { + in, out := &in.SecretTextBinding, &out.SecretTextBinding + *out = make([]SecretTextBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceBinding != nil { + in, out := &in.ServiceBinding, &out.ServiceBinding + *out = make([]ServiceBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.WebassemblyBinding != nil { + in, out := &in.WebassemblyBinding, &out.WebassemblyBinding + *out = make([]WebassemblyBindingObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScriptObservation. @@ -1000,6 +1568,7 @@ func (in *ScriptSpec) DeepCopyInto(out *ScriptSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScriptSpec. @@ -1029,9 +1598,34 @@ func (in *ScriptStatus) DeepCopy() *ScriptStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretTextBindingInitParameters) DeepCopyInto(out *SecretTextBindingInitParameters) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretTextBindingInitParameters. +func (in *SecretTextBindingInitParameters) DeepCopy() *SecretTextBindingInitParameters { + if in == nil { + return nil + } + out := new(SecretTextBindingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretTextBindingObservation) DeepCopyInto(out *SecretTextBindingObservation) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretTextBindingObservation. @@ -1065,9 +1659,54 @@ func (in *SecretTextBindingParameters) DeepCopy() *SecretTextBindingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceBindingInitParameters) DeepCopyInto(out *ServiceBindingInitParameters) { + *out = *in + if in.Environment != nil { + in, out := &in.Environment, &out.Environment + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceBindingInitParameters. +func (in *ServiceBindingInitParameters) DeepCopy() *ServiceBindingInitParameters { + if in == nil { + return nil + } + out := new(ServiceBindingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceBindingObservation) DeepCopyInto(out *ServiceBindingObservation) { *out = *in + if in.Environment != nil { + in, out := &in.Environment, &out.Environment + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceBindingObservation. @@ -1110,9 +1749,44 @@ func (in *ServiceBindingParameters) DeepCopy() *ServiceBindingParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebassemblyBindingInitParameters) DeepCopyInto(out *WebassemblyBindingInitParameters) { + *out = *in + if in.Module != nil { + in, out := &in.Module, &out.Module + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebassemblyBindingInitParameters. +func (in *WebassemblyBindingInitParameters) DeepCopy() *WebassemblyBindingInitParameters { + if in == nil { + return nil + } + out := new(WebassemblyBindingInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebassemblyBindingObservation) DeepCopyInto(out *WebassemblyBindingObservation) { *out = *in + if in.Module != nil { + in, out := &in.Module, &out.Module + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebassemblyBindingObservation. diff --git a/apis/worker/v1alpha1/zz_generated.managed.go b/apis/worker/v1alpha1/zz_generated.managed.go index fb39f02..38a352d 100644 --- a/apis/worker/v1alpha1/zz_generated.managed.go +++ b/apis/worker/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *CronTrigger) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this CronTrigger. +func (mg *CronTrigger) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this CronTrigger. func (mg *CronTrigger) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this CronTrigger. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *CronTrigger) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this CronTrigger. func (mg *CronTrigger) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *CronTrigger) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this CronTrigger. +func (mg *CronTrigger) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this CronTrigger. func (mg *CronTrigger) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this CronTrigger. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *CronTrigger) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this CronTrigger. func (mg *CronTrigger) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *KV) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this KV. +func (mg *KV) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this KV. func (mg *KV) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this KV. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *KV) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this KV. func (mg *KV) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *KV) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this KV. +func (mg *KV) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this KV. func (mg *KV) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this KV. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *KV) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this KV. func (mg *KV) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *KVNamespace) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this KVNamespace. +func (mg *KVNamespace) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this KVNamespace. func (mg *KVNamespace) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this KVNamespace. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *KVNamespace) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this KVNamespace. func (mg *KVNamespace) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *KVNamespace) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this KVNamespace. +func (mg *KVNamespace) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this KVNamespace. func (mg *KVNamespace) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this KVNamespace. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *KVNamespace) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this KVNamespace. func (mg *KVNamespace) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *Route) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Route. +func (mg *Route) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Route. func (mg *Route) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Route. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Route) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Route. func (mg *Route) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *Route) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Route. +func (mg *Route) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Route. func (mg *Route) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Route. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Route) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Route. func (mg *Route) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *Script) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Script. +func (mg *Script) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Script. func (mg *Script) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Script. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Script) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Script. func (mg *Script) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *Script) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Script. +func (mg *Script) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Script. func (mg *Script) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Script. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Script) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Script. func (mg *Script) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/worker/v1alpha1/zz_generated.resolvers.go b/apis/worker/v1alpha1/zz_generated.resolvers.go index 29c166f..9f5a985 100644 --- a/apis/worker/v1alpha1/zz_generated.resolvers.go +++ b/apis/worker/v1alpha1/zz_generated.resolvers.go @@ -53,6 +53,38 @@ func (mg *CronTrigger) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ScriptName = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ScriptNameRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ScriptName), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ScriptNameRef, + Selector: mg.Spec.InitProvider.ScriptNameSelector, + To: reference.To{ + List: &ScriptList{}, + Managed: &Script{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ScriptName") + } + mg.Spec.InitProvider.ScriptName = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ScriptNameRef = rsp.ResolvedReference + return nil } @@ -95,6 +127,38 @@ func (mg *KV) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.NamespaceID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.NamespaceIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.NamespaceID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.NamespaceIDRef, + Selector: mg.Spec.InitProvider.NamespaceIDSelector, + To: reference.To{ + List: &KVNamespaceList{}, + Managed: &KVNamespace{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.NamespaceID") + } + mg.Spec.InitProvider.NamespaceID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.NamespaceIDRef = rsp.ResolvedReference + return nil } @@ -121,6 +185,22 @@ func (mg *KVNamespace) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } @@ -163,6 +243,38 @@ func (mg *Route) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ScriptName), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ScriptNameRef, + Selector: mg.Spec.InitProvider.ScriptNameSelector, + To: reference.To{ + List: &ScriptList{}, + Managed: &Script{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ScriptName") + } + mg.Spec.InitProvider.ScriptName = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ScriptNameRef = rsp.ResolvedReference + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &v1alpha11.ZoneList{}, + Managed: &v1alpha11.Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -190,6 +302,24 @@ func (mg *Script) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.KvNamespaceBinding[i3].NamespaceID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.KvNamespaceBinding[i3].NamespaceIDRef = rsp.ResolvedReference + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.KvNamespaceBinding); i3++ { + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceIDRef, + Selector: mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceIDSelector, + To: reference.To{ + List: &KVNamespaceList{}, + Managed: &KVNamespace{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceID") + } + mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.KvNamespaceBinding[i3].NamespaceIDRef = rsp.ResolvedReference + } return nil diff --git a/apis/worker/v1alpha1/zz_generated_terraformed.go b/apis/worker/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index 921b811..0000000 --- a/apis/worker/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,384 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this CronTrigger -func (mg *CronTrigger) GetTerraformResourceType() string { - return "cloudflare_worker_cron_trigger" -} - -// GetConnectionDetailsMapping for this CronTrigger -func (tr *CronTrigger) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this CronTrigger -func (tr *CronTrigger) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this CronTrigger -func (tr *CronTrigger) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this CronTrigger -func (tr *CronTrigger) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this CronTrigger -func (tr *CronTrigger) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this CronTrigger -func (tr *CronTrigger) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this CronTrigger using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *CronTrigger) LateInitialize(attrs []byte) (bool, error) { - params := &CronTriggerParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *CronTrigger) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Route -func (mg *Route) GetTerraformResourceType() string { - return "cloudflare_worker_route" -} - -// GetConnectionDetailsMapping for this Route -func (tr *Route) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Route -func (tr *Route) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Route -func (tr *Route) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Route -func (tr *Route) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Route -func (tr *Route) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Route -func (tr *Route) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Route using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Route) LateInitialize(attrs []byte) (bool, error) { - params := &RouteParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Route) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Script -func (mg *Script) GetTerraformResourceType() string { - return "cloudflare_worker_script" -} - -// GetConnectionDetailsMapping for this Script -func (tr *Script) GetConnectionDetailsMapping() map[string]string { - return map[string]string{"secret_text_binding[*].text": "spec.forProvider.secretTextBinding[*].textSecretRef"} -} - -// GetObservation of this Script -func (tr *Script) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Script -func (tr *Script) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Script -func (tr *Script) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Script -func (tr *Script) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Script -func (tr *Script) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Script using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Script) LateInitialize(attrs []byte) (bool, error) { - params := &ScriptParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Script) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this KV -func (mg *KV) GetTerraformResourceType() string { - return "cloudflare_workers_kv" -} - -// GetConnectionDetailsMapping for this KV -func (tr *KV) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this KV -func (tr *KV) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this KV -func (tr *KV) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this KV -func (tr *KV) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this KV -func (tr *KV) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this KV -func (tr *KV) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this KV using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *KV) LateInitialize(attrs []byte) (bool, error) { - params := &KVParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *KV) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this KVNamespace -func (mg *KVNamespace) GetTerraformResourceType() string { - return "cloudflare_workers_kv_namespace" -} - -// GetConnectionDetailsMapping for this KVNamespace -func (tr *KVNamespace) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this KVNamespace -func (tr *KVNamespace) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this KVNamespace -func (tr *KVNamespace) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this KVNamespace -func (tr *KVNamespace) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this KVNamespace -func (tr *KVNamespace) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this KVNamespace -func (tr *KVNamespace) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this KVNamespace using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *KVNamespace) LateInitialize(attrs []byte) (bool, error) { - params := &KVNamespaceParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *KVNamespace) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/worker/v1alpha1/zz_groupversion_info.go b/apis/worker/v1alpha1/zz_groupversion_info.go index a0c08c0..dfafac4 100755 --- a/apis/worker/v1alpha1/zz_groupversion_info.go +++ b/apis/worker/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/worker/v1alpha1/zz_kv_terraformed.go b/apis/worker/v1alpha1/zz_kv_terraformed.go new file mode 100755 index 0000000..ccfbbe2 --- /dev/null +++ b/apis/worker/v1alpha1/zz_kv_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this KV +func (mg *KV) GetTerraformResourceType() string { + return "cloudflare_workers_kv" +} + +// GetConnectionDetailsMapping for this KV +func (tr *KV) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this KV +func (tr *KV) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this KV +func (tr *KV) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this KV +func (tr *KV) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this KV +func (tr *KV) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this KV +func (tr *KV) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this KV +func (tr *KV) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this KV +func (tr *KV) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this KV using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *KV) LateInitialize(attrs []byte) (bool, error) { + params := &KVParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *KV) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/worker/v1alpha1/zz_kv_types.go b/apis/worker/v1alpha1/zz_kv_types.go index e30833a..42a80cd 100755 --- a/apis/worker/v1alpha1/zz_kv_types.go +++ b/apis/worker/v1alpha1/zz_kv_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,68 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type KVInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + // Name of the KV pair. **Modifying this attribute will force creation of a new resource.** + Key *string `json:"key,omitempty" tf:"key,omitempty"` + + // (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + // The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=KVNamespace + NamespaceID *string `json:"namespaceId,omitempty" tf:"namespace_id,omitempty"` + + // Reference to a KVNamespace to populate namespaceId. + // +kubebuilder:validation:Optional + NamespaceIDRef *v1.Reference `json:"namespaceIdRef,omitempty" tf:"-"` + + // Selector for a KVNamespace to populate namespaceId. + // +kubebuilder:validation:Optional + NamespaceIDSelector *v1.Selector `json:"namespaceIdSelector,omitempty" tf:"-"` + + // (String) Value of the KV pair. + // Value of the KV pair. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type KVObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + // Name of the KV pair. **Modifying this attribute will force creation of a new resource.** + Key *string `json:"key,omitempty" tf:"key,omitempty"` + + // (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + // The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** + NamespaceID *string `json:"namespaceId,omitempty" tf:"namespace_id,omitempty"` + + // (String) Value of the KV pair. + // Value of the KV pair. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type KVParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,10 +92,12 @@ type KVParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. // Name of the KV pair. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Key *string `json:"key" tf:"key,omitempty"` + // +kubebuilder:validation:Optional + Key *string `json:"key,omitempty" tf:"key,omitempty"` + // (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. // The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=KVNamespace // +kubebuilder:validation:Optional @@ -49,15 +111,27 @@ type KVParameters struct { // +kubebuilder:validation:Optional NamespaceIDSelector *v1.Selector `json:"namespaceIdSelector,omitempty" tf:"-"` + // (String) Value of the KV pair. // Value of the KV pair. - // +kubebuilder:validation:Required - Value *string `json:"value" tf:"value,omitempty"` + // +kubebuilder:validation:Optional + Value *string `json:"value,omitempty" tf:"value,omitempty"` } // KVSpec defines the desired state of KV type KVSpec struct { v1.ResourceSpec `json:",inline"` ForProvider KVParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider KVInitParameters `json:"initProvider,omitempty"` } // KVStatus defines the observed state of KV. @@ -67,19 +141,22 @@ type KVStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// KV is the Schema for the KVs API. +// KV is the Schema for the KVs API. Provides a resource to manage a Cloudflare Workers KV Pair. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type KV struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec KVSpec `json:"spec"` - Status KVStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.key) || (has(self.initProvider) && has(self.initProvider.key))",message="spec.forProvider.key is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.value) || (has(self.initProvider) && has(self.initProvider.value))",message="spec.forProvider.value is a required parameter" + Spec KVSpec `json:"spec"` + Status KVStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/worker/v1alpha1/zz_kvnamespace_terraformed.go b/apis/worker/v1alpha1/zz_kvnamespace_terraformed.go new file mode 100755 index 0000000..2f6dfae --- /dev/null +++ b/apis/worker/v1alpha1/zz_kvnamespace_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this KVNamespace +func (mg *KVNamespace) GetTerraformResourceType() string { + return "cloudflare_workers_kv_namespace" +} + +// GetConnectionDetailsMapping for this KVNamespace +func (tr *KVNamespace) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this KVNamespace +func (tr *KVNamespace) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this KVNamespace +func (tr *KVNamespace) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this KVNamespace +func (tr *KVNamespace) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this KVNamespace +func (tr *KVNamespace) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this KVNamespace +func (tr *KVNamespace) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this KVNamespace +func (tr *KVNamespace) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this KVNamespace +func (tr *KVNamespace) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this KVNamespace using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *KVNamespace) LateInitialize(attrs []byte) (bool, error) { + params := &KVNamespaceParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *KVNamespace) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/worker/v1alpha1/zz_kvnamespace_types.go b/apis/worker/v1alpha1/zz_kvnamespace_types.go index 96b79a2..0ac6454 100755 --- a/apis/worker/v1alpha1/zz_kvnamespace_types.go +++ b/apis/worker/v1alpha1/zz_kvnamespace_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,12 +17,43 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type KVNamespaceInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (String) Title value of the Worker KV Namespace. + // Title value of the Worker KV Namespace. + Title *string `json:"title,omitempty" tf:"title,omitempty"` +} + type KVNamespaceObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) Title value of the Worker KV Namespace. + // Title value of the Worker KV Namespace. + Title *string `json:"title,omitempty" tf:"title,omitempty"` } type KVNamespaceParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -32,15 +67,27 @@ type KVNamespaceParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (String) Title value of the Worker KV Namespace. // Title value of the Worker KV Namespace. - // +kubebuilder:validation:Required - Title *string `json:"title" tf:"title,omitempty"` + // +kubebuilder:validation:Optional + Title *string `json:"title,omitempty" tf:"title,omitempty"` } // KVNamespaceSpec defines the desired state of KVNamespace type KVNamespaceSpec struct { v1.ResourceSpec `json:",inline"` ForProvider KVNamespaceParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider KVNamespaceInitParameters `json:"initProvider,omitempty"` } // KVNamespaceStatus defines the observed state of KVNamespace. @@ -50,19 +97,21 @@ type KVNamespaceStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// KVNamespace is the Schema for the KVNamespaces API. +// KVNamespace is the Schema for the KVNamespaces API. Provides the ability to manage Cloudflare Workers KV Namespace features. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type KVNamespace struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec KVNamespaceSpec `json:"spec"` - Status KVNamespaceStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.title) || (has(self.initProvider) && has(self.initProvider.title))",message="spec.forProvider.title is a required parameter" + Spec KVNamespaceSpec `json:"spec"` + Status KVNamespaceStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/worker/v1alpha1/zz_route_terraformed.go b/apis/worker/v1alpha1/zz_route_terraformed.go new file mode 100755 index 0000000..84e62ca --- /dev/null +++ b/apis/worker/v1alpha1/zz_route_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Route +func (mg *Route) GetTerraformResourceType() string { + return "cloudflare_worker_route" +} + +// GetConnectionDetailsMapping for this Route +func (tr *Route) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Route +func (tr *Route) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Route +func (tr *Route) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Route +func (tr *Route) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Route +func (tr *Route) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Route +func (tr *Route) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Route +func (tr *Route) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Route +func (tr *Route) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Route using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Route) LateInitialize(attrs []byte) (bool, error) { + params := &RouteParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Route) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/worker/v1alpha1/zz_route_types.go b/apis/worker/v1alpha1/zz_route_types.go index c2e21e6..b8c55b0 100755 --- a/apis/worker/v1alpha1/zz_route_types.go +++ b/apis/worker/v1alpha1/zz_route_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,16 +17,65 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RouteInitParameters struct { + + // (String) The route pattern to associate the Worker with. + // The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. + Pattern *string `json:"pattern,omitempty" tf:"pattern,omitempty"` + + // (String) Worker script name to invoke for requests that match the route pattern. + // Worker script name to invoke for requests that match the route pattern. + // +crossplane:generate:reference:type=Script + ScriptName *string `json:"scriptName,omitempty" tf:"script_name,omitempty"` + + // Reference to a Script to populate scriptName. + // +kubebuilder:validation:Optional + ScriptNameRef *v1.Reference `json:"scriptNameRef,omitempty" tf:"-"` + + // Selector for a Script to populate scriptName. + // +kubebuilder:validation:Optional + ScriptNameSelector *v1.Selector `json:"scriptNameSelector,omitempty" tf:"-"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone in zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RouteObservation struct { + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The route pattern to associate the Worker with. + // The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. + Pattern *string `json:"pattern,omitempty" tf:"pattern,omitempty"` + + // (String) Worker script name to invoke for requests that match the route pattern. + // Worker script name to invoke for requests that match the route pattern. + ScriptName *string `json:"scriptName,omitempty" tf:"script_name,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RouteParameters struct { + // (String) The route pattern to associate the Worker with. // The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. - // +kubebuilder:validation:Required - Pattern *string `json:"pattern" tf:"pattern,omitempty"` + // +kubebuilder:validation:Optional + Pattern *string `json:"pattern,omitempty" tf:"pattern,omitempty"` + // (String) Worker script name to invoke for requests that match the route pattern. // Worker script name to invoke for requests that match the route pattern. // +crossplane:generate:reference:type=Script // +kubebuilder:validation:Optional @@ -36,6 +89,7 @@ type RouteParameters struct { // +kubebuilder:validation:Optional ScriptNameSelector *v1.Selector `json:"scriptNameSelector,omitempty" tf:"-"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1.Zone // +kubebuilder:validation:Optional @@ -54,6 +108,17 @@ type RouteParameters struct { type RouteSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RouteParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RouteInitParameters `json:"initProvider,omitempty"` } // RouteStatus defines the observed state of Route. @@ -63,19 +128,21 @@ type RouteStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Route is the Schema for the Routes API. +// Route is the Schema for the Routes API. Provides a Cloudflare worker route resource. A route will also require a cloudflare_worker_script. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Route struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RouteSpec `json:"spec"` - Status RouteStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.pattern) || (has(self.initProvider) && has(self.initProvider.pattern))",message="spec.forProvider.pattern is a required parameter" + Spec RouteSpec `json:"spec"` + Status RouteStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/worker/v1alpha1/zz_script_terraformed.go b/apis/worker/v1alpha1/zz_script_terraformed.go new file mode 100755 index 0000000..e9c6c71 --- /dev/null +++ b/apis/worker/v1alpha1/zz_script_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Script +func (mg *Script) GetTerraformResourceType() string { + return "cloudflare_worker_script" +} + +// GetConnectionDetailsMapping for this Script +func (tr *Script) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"secret_text_binding[*].text": "spec.forProvider.secretTextBinding[*].textSecretRef"} +} + +// GetObservation of this Script +func (tr *Script) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Script +func (tr *Script) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Script +func (tr *Script) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Script +func (tr *Script) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Script +func (tr *Script) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Script +func (tr *Script) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Script +func (tr *Script) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Script using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Script) LateInitialize(attrs []byte) (bool, error) { + params := &ScriptParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Script) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/worker/v1alpha1/zz_script_types.go b/apis/worker/v1alpha1/zz_script_types.go index 638e9f5..c4cffea 100755 --- a/apis/worker/v1alpha1/zz_script_types.go +++ b/apis/worker/v1alpha1/zz_script_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,29 +17,80 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AnalyticsEngineBindingInitParameters struct { + + // (String) The name of the Analytics Engine dataset to write to. + // The name of the Analytics Engine dataset to write to. + Dataset *string `json:"dataset,omitempty" tf:"dataset,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type AnalyticsEngineBindingObservation struct { + + // (String) The name of the Analytics Engine dataset to write to. + // The name of the Analytics Engine dataset to write to. + Dataset *string `json:"dataset,omitempty" tf:"dataset,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type AnalyticsEngineBindingParameters struct { + // (String) The name of the Analytics Engine dataset to write to. // The name of the Analytics Engine dataset to write to. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Dataset *string `json:"dataset" tf:"dataset,omitempty"` + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` } +type KvNamespaceBindingInitParameters struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) ID of the KV namespace you want to use. + // ID of the KV namespace you want to use. + // +crossplane:generate:reference:type=KVNamespace + NamespaceID *string `json:"namespaceId,omitempty" tf:"namespace_id,omitempty"` + + // Reference to a KVNamespace to populate namespaceId. + // +kubebuilder:validation:Optional + NamespaceIDRef *v1.Reference `json:"namespaceIdRef,omitempty" tf:"-"` + + // Selector for a KVNamespace to populate namespaceId. + // +kubebuilder:validation:Optional + NamespaceIDSelector *v1.Selector `json:"namespaceIdSelector,omitempty" tf:"-"` +} + type KvNamespaceBindingObservation struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) ID of the KV namespace you want to use. + // ID of the KV namespace you want to use. + NamespaceID *string `json:"namespaceId,omitempty" tf:"namespace_id,omitempty"` } type KvNamespaceBindingParameters struct { + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (String) ID of the KV namespace you want to use. // ID of the KV namespace you want to use. // +crossplane:generate:reference:type=KVNamespace // +kubebuilder:validation:Optional @@ -50,121 +105,317 @@ type KvNamespaceBindingParameters struct { NamespaceIDSelector *v1.Selector `json:"namespaceIdSelector,omitempty" tf:"-"` } +type PlainTextBindingInitParameters struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The plain text you want to store. + // The plain text you want to store. + Text *string `json:"text,omitempty" tf:"text,omitempty"` +} + type PlainTextBindingObservation struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The plain text you want to store. + // The plain text you want to store. + Text *string `json:"text,omitempty" tf:"text,omitempty"` } type PlainTextBindingParameters struct { + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (String) The plain text you want to store. // The plain text you want to store. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Text *string `json:"text" tf:"text,omitempty"` } +type R2BucketBindingInitParameters struct { + + // (String) The name of the Bucket to bind to. + // The name of the Bucket to bind to. + BucketName *string `json:"bucketName,omitempty" tf:"bucket_name,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type R2BucketBindingObservation struct { + + // (String) The name of the Bucket to bind to. + // The name of the Bucket to bind to. + BucketName *string `json:"bucketName,omitempty" tf:"bucket_name,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type R2BucketBindingParameters struct { + // (String) The name of the Bucket to bind to. // The name of the Bucket to bind to. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional BucketName *string `json:"bucketName" tf:"bucket_name,omitempty"` + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` } +type ScriptInitParameters struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block Set) (see below for nested schema) + AnalyticsEngineBinding []AnalyticsEngineBindingInitParameters `json:"analyticsEngineBinding,omitempty" tf:"analytics_engine_binding,omitempty"` + + // (String) The script content. + // The script content. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // (Block Set) (see below for nested schema) + KvNamespaceBinding []KvNamespaceBindingInitParameters `json:"kvNamespaceBinding,omitempty" tf:"kv_namespace_binding,omitempty"` + + // (Boolean) Whether to upload Worker as a module. + // Whether to upload Worker as a module. + Module *bool `json:"module,omitempty" tf:"module,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The name for the script. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block Set) (see below for nested schema) + PlainTextBinding []PlainTextBindingInitParameters `json:"plainTextBinding,omitempty" tf:"plain_text_binding,omitempty"` + + // (Block Set) (see below for nested schema) + R2BucketBinding []R2BucketBindingInitParameters `json:"r2BucketBinding,omitempty" tf:"r2_bucket_binding,omitempty"` + + // (Block Set) (see below for nested schema) + SecretTextBinding []SecretTextBindingInitParameters `json:"secretTextBinding,omitempty" tf:"secret_text_binding,omitempty"` + + // (Block Set) (see below for nested schema) + ServiceBinding []ServiceBindingInitParameters `json:"serviceBinding,omitempty" tf:"service_binding,omitempty"` + + // (Block Set) (see below for nested schema) + WebassemblyBinding []WebassemblyBindingInitParameters `json:"webassemblyBinding,omitempty" tf:"webassembly_binding,omitempty"` +} + type ScriptObservation struct { + + // (String) The account identifier to target for the resource. + // The account identifier to target for the resource. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (Block Set) (see below for nested schema) + AnalyticsEngineBinding []AnalyticsEngineBindingObservation `json:"analyticsEngineBinding,omitempty" tf:"analytics_engine_binding,omitempty"` + + // (String) The script content. + // The script content. + Content *string `json:"content,omitempty" tf:"content,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block Set) (see below for nested schema) + KvNamespaceBinding []KvNamespaceBindingObservation `json:"kvNamespaceBinding,omitempty" tf:"kv_namespace_binding,omitempty"` + + // (Boolean) Whether to upload Worker as a module. + // Whether to upload Worker as a module. + Module *bool `json:"module,omitempty" tf:"module,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The name for the script. **Modifying this attribute will force creation of a new resource.** + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (Block Set) (see below for nested schema) + PlainTextBinding []PlainTextBindingObservation `json:"plainTextBinding,omitempty" tf:"plain_text_binding,omitempty"` + + // (Block Set) (see below for nested schema) + R2BucketBinding []R2BucketBindingObservation `json:"r2BucketBinding,omitempty" tf:"r2_bucket_binding,omitempty"` + + // (Block Set) (see below for nested schema) + SecretTextBinding []SecretTextBindingObservation `json:"secretTextBinding,omitempty" tf:"secret_text_binding,omitempty"` + + // (Block Set) (see below for nested schema) + ServiceBinding []ServiceBindingObservation `json:"serviceBinding,omitempty" tf:"service_binding,omitempty"` + + // (Block Set) (see below for nested schema) + WebassemblyBinding []WebassemblyBindingObservation `json:"webassemblyBinding,omitempty" tf:"webassembly_binding,omitempty"` } type ScriptParameters struct { + // (String) The account identifier to target for the resource. // The account identifier to target for the resource. // +kubebuilder:validation:Optional AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional AnalyticsEngineBinding []AnalyticsEngineBindingParameters `json:"analyticsEngineBinding,omitempty" tf:"analytics_engine_binding,omitempty"` + // (String) The script content. // The script content. - // +kubebuilder:validation:Required - Content *string `json:"content" tf:"content,omitempty"` + // +kubebuilder:validation:Optional + Content *string `json:"content,omitempty" tf:"content,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional KvNamespaceBinding []KvNamespaceBindingParameters `json:"kvNamespaceBinding,omitempty" tf:"kv_namespace_binding,omitempty"` + // (Boolean) Whether to upload Worker as a module. // Whether to upload Worker as a module. // +kubebuilder:validation:Optional Module *bool `json:"module,omitempty" tf:"module,omitempty"` + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The name for the script. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional PlainTextBinding []PlainTextBindingParameters `json:"plainTextBinding,omitempty" tf:"plain_text_binding,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional R2BucketBinding []R2BucketBindingParameters `json:"r2BucketBinding,omitempty" tf:"r2_bucket_binding,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional SecretTextBinding []SecretTextBindingParameters `json:"secretTextBinding,omitempty" tf:"secret_text_binding,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional ServiceBinding []ServiceBindingParameters `json:"serviceBinding,omitempty" tf:"service_binding,omitempty"` + // (Block Set) (see below for nested schema) // +kubebuilder:validation:Optional WebassemblyBinding []WebassemblyBindingParameters `json:"webassemblyBinding,omitempty" tf:"webassembly_binding,omitempty"` } +type SecretTextBindingInitParameters struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type SecretTextBindingObservation struct { + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type SecretTextBindingParameters struct { + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (String) The plain text you want to store. // The secret text you want to store. // +kubebuilder:validation:Required TextSecretRef v1.SecretKeySelector `json:"textSecretRef" tf:"-"` } +type ServiceBindingInitParameters struct { + + // (String) The name of the Worker environment to bind to. + // The name of the Worker environment to bind to. + Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The name of the Worker to bind to. + // The name of the Worker to bind to. + Service *string `json:"service,omitempty" tf:"service,omitempty"` +} + type ServiceBindingObservation struct { + + // (String) The name of the Worker environment to bind to. + // The name of the Worker environment to bind to. + Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The name of the Worker to bind to. + // The name of the Worker to bind to. + Service *string `json:"service,omitempty" tf:"service,omitempty"` } type ServiceBindingParameters struct { + // (String) The name of the Worker environment to bind to. // The name of the Worker environment to bind to. // +kubebuilder:validation:Optional Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` + // (String) The name of the Worker to bind to. // The name of the Worker to bind to. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Service *string `json:"service" tf:"service,omitempty"` } +type WebassemblyBindingInitParameters struct { + + // (Boolean) Whether to upload Worker as a module. + // The base64 encoded wasm module you want to store. + Module *string `json:"module,omitempty" tf:"module,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` +} + type WebassemblyBindingObservation struct { + + // (Boolean) Whether to upload Worker as a module. + // The base64 encoded wasm module you want to store. + Module *string `json:"module,omitempty" tf:"module,omitempty"` + + // (String) The name for the script. Modifying this attribute will force creation of a new resource. + // The global variable for the binding in your Worker code. + Name *string `json:"name,omitempty" tf:"name,omitempty"` } type WebassemblyBindingParameters struct { + // (Boolean) Whether to upload Worker as a module. // The base64 encoded wasm module you want to store. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Module *string `json:"module" tf:"module,omitempty"` + // (String) The name for the script. Modifying this attribute will force creation of a new resource. // The global variable for the binding in your Worker code. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Name *string `json:"name" tf:"name,omitempty"` } @@ -172,6 +423,17 @@ type WebassemblyBindingParameters struct { type ScriptSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ScriptParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ScriptInitParameters `json:"initProvider,omitempty"` } // ScriptStatus defines the observed state of Script. @@ -181,19 +443,22 @@ type ScriptStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Script is the Schema for the Scripts API. +// Script is the Schema for the Scripts API. Provides a Cloudflare worker script resource. In order for a script to be active, you'll also need to setup a cloudflare_worker_route. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Script struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ScriptSpec `json:"spec"` - Status ScriptStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.content) || (has(self.initProvider) && has(self.initProvider.content))",message="spec.forProvider.content is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + Spec ScriptSpec `json:"spec"` + Status ScriptStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_dnssec_terraformed.go b/apis/zone/v1alpha1/zz_dnssec_terraformed.go new file mode 100755 index 0000000..7e3ccbb --- /dev/null +++ b/apis/zone/v1alpha1/zz_dnssec_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this DNSSEC +func (mg *DNSSEC) GetTerraformResourceType() string { + return "cloudflare_zone_dnssec" +} + +// GetConnectionDetailsMapping for this DNSSEC +func (tr *DNSSEC) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this DNSSEC +func (tr *DNSSEC) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DNSSEC +func (tr *DNSSEC) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DNSSEC +func (tr *DNSSEC) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DNSSEC +func (tr *DNSSEC) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DNSSEC +func (tr *DNSSEC) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this DNSSEC +func (tr *DNSSEC) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this DNSSEC +func (tr *DNSSEC) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this DNSSEC using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DNSSEC) LateInitialize(attrs []byte) (bool, error) { + params := &DNSSECParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DNSSEC) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_dnssec_types.go b/apis/zone/v1alpha1/zz_dnssec_types.go index 607b36d..87effa6 100755 --- a/apis/zone/v1alpha1/zz_dnssec_types.go +++ b/apis/zone/v1alpha1/zz_dnssec_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,47 +17,88 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DNSSECInitParameters struct { + + // (String) Zone DNSSEC updated time. + // Zone DNSSEC updated time. + ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type DNSSECObservation struct { + // (String) Zone DNSSEC algorithm. // Zone DNSSEC algorithm. Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"` + // (String) Zone DNSSEC digest. // Zone DNSSEC digest. Digest *string `json:"digest,omitempty" tf:"digest,omitempty"` + // (String) Digest algorithm use for Zone DNSSEC. // Digest algorithm use for Zone DNSSEC. DigestAlgorithm *string `json:"digestAlgorithm,omitempty" tf:"digest_algorithm,omitempty"` + // (String) Digest Type for Zone DNSSEC. // Digest Type for Zone DNSSEC. DigestType *string `json:"digestType,omitempty" tf:"digest_type,omitempty"` + // (String) DS for the Zone DNSSEC. // DS for the Zone DNSSEC. Ds *string `json:"ds,omitempty" tf:"ds,omitempty"` + // (Number) Zone DNSSEC flags. // Zone DNSSEC flags. Flags *float64 `json:"flags,omitempty" tf:"flags,omitempty"` + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Number) Key Tag for the Zone DNSSEC. // Key Tag for the Zone DNSSEC. KeyTag *float64 `json:"keyTag,omitempty" tf:"key_tag,omitempty"` + // (String) Key type used for Zone DNSSEC. // Key type used for Zone DNSSEC. KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` + // (String) Zone DNSSEC updated time. + // Zone DNSSEC updated time. + ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // (String) Public Key for the Zone DNSSEC. // Public Key for the Zone DNSSEC. PublicKey *string `json:"publicKey,omitempty" tf:"public_key,omitempty"` + // (String) The status of the Zone DNSSEC. // The status of the Zone DNSSEC. Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type DNSSECParameters struct { + // (String) Zone DNSSEC updated time. // Zone DNSSEC updated time. // +kubebuilder:validation:Optional ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -72,6 +117,17 @@ type DNSSECParameters struct { type DNSSECSpec struct { v1.ResourceSpec `json:",inline"` ForProvider DNSSECParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider DNSSECInitParameters `json:"initProvider,omitempty"` } // DNSSECStatus defines the observed state of DNSSEC. @@ -81,13 +137,14 @@ type DNSSECStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// DNSSEC is the Schema for the DNSSECs API. +// DNSSEC is the Schema for the DNSSECs API. Provides a Cloudflare resource to create and modify zone DNSSEC settings. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type DNSSEC struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/zone/v1alpha1/zz_generated.conversion_hubs.go b/apis/zone/v1alpha1/zz_generated.conversion_hubs.go new file mode 100755 index 0000000..de94b57 --- /dev/null +++ b/apis/zone/v1alpha1/zz_generated.conversion_hubs.go @@ -0,0 +1,44 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +// Hub marks this type as a conversion hub. +func (tr *Healthcheck) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *LogpullRetention) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *ManagedHeaders) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *RateLimit) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *TieredCache) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *TotalTLS) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *URLNormalizationSettings) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *UserAgentBlockingRule) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *Zone) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *DNSSEC) Hub() {} + +// Hub marks this type as a conversion hub. +func (tr *SettingsOverride) Hub() {} diff --git a/apis/zone/v1alpha1/zz_generated.deepcopy.go b/apis/zone/v1alpha1/zz_generated.deepcopy.go index c514500..d350b3f 100644 --- a/apis/zone/v1alpha1/zz_generated.deepcopy.go +++ b/apis/zone/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2022 Upbound Inc. @@ -14,9 +13,58 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActionInitParameters) DeepCopyInto(out *ActionInitParameters) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]ResponseInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionInitParameters. +func (in *ActionInitParameters) DeepCopy() *ActionInitParameters { + if in == nil { + return nil + } + out := new(ActionInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ActionObservation) DeepCopyInto(out *ActionObservation) { *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]ResponseObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActionObservation. @@ -61,9 +109,44 @@ func (in *ActionParameters) DeepCopy() *ActionParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigurationInitParameters) DeepCopyInto(out *ConfigurationInitParameters) { + *out = *in + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationInitParameters. +func (in *ConfigurationInitParameters) DeepCopy() *ConfigurationInitParameters { + if in == nil { + return nil + } + out := new(ConfigurationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConfigurationObservation) DeepCopyInto(out *ConfigurationObservation) { *out = *in + if in.Target != nil { + in, out := &in.Target, &out.Target + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationObservation. @@ -101,9 +184,34 @@ func (in *ConfigurationParameters) DeepCopy() *ConfigurationParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CorrelateInitParameters) DeepCopyInto(out *CorrelateInitParameters) { + *out = *in + if in.By != nil { + in, out := &in.By, &out.By + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorrelateInitParameters. +func (in *CorrelateInitParameters) DeepCopy() *CorrelateInitParameters { + if in == nil { + return nil + } + out := new(CorrelateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CorrelateObservation) DeepCopyInto(out *CorrelateObservation) { *out = *in + if in.By != nil { + in, out := &in.By, &out.By + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorrelateObservation. @@ -163,6 +271,41 @@ func (in *DNSSEC) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DNSSECInitParameters) DeepCopyInto(out *DNSSECInitParameters) { + *out = *in + if in.ModifiedOn != nil { + in, out := &in.ModifiedOn, &out.ModifiedOn + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSSECInitParameters. +func (in *DNSSECInitParameters) DeepCopy() *DNSSECInitParameters { + if in == nil { + return nil + } + out := new(DNSSECInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSSECList) DeepCopyInto(out *DNSSECList) { *out = *in @@ -243,6 +386,11 @@ func (in *DNSSECObservation) DeepCopyInto(out *DNSSECObservation) { *out = new(string) **out = **in } + if in.ModifiedOn != nil { + in, out := &in.ModifiedOn, &out.ModifiedOn + *out = new(string) + **out = **in + } if in.PublicKey != nil { in, out := &in.PublicKey, &out.PublicKey *out = new(string) @@ -253,6 +401,11 @@ func (in *DNSSECObservation) DeepCopyInto(out *DNSSECObservation) { *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSSECObservation. @@ -305,6 +458,7 @@ func (in *DNSSECSpec) DeepCopyInto(out *DNSSECSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSSECSpec. @@ -334,9 +488,56 @@ func (in *DNSSECStatus) DeepCopy() *DNSSECStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderInitParameters) DeepCopyInto(out *HeaderInitParameters) { + *out = *in + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderInitParameters. +func (in *HeaderInitParameters) DeepCopy() *HeaderInitParameters { + if in == nil { + return nil + } + out := new(HeaderInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HeaderObservation) DeepCopyInto(out *HeaderObservation) { *out = *in + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = new(string) + **out = **in + } + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderObservation. @@ -408,69 +609,7 @@ func (in *Healthcheck) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthcheckList) DeepCopyInto(out *HealthcheckList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Healthcheck, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckList. -func (in *HealthcheckList) DeepCopy() *HealthcheckList { - if in == nil { - return nil - } - out := new(HealthcheckList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *HealthcheckList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthcheckObservation) DeepCopyInto(out *HealthcheckObservation) { - *out = *in - if in.CreatedOn != nil { - in, out := &in.CreatedOn, &out.CreatedOn - *out = new(string) - **out = **in - } - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } - if in.ModifiedOn != nil { - in, out := &in.ModifiedOn, &out.ModifiedOn - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckObservation. -func (in *HealthcheckObservation) DeepCopy() *HealthcheckObservation { - if in == nil { - return nil - } - out := new(HealthcheckObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthcheckParameters) DeepCopyInto(out *HealthcheckParameters) { +func (in *HealthcheckInitParameters) DeepCopyInto(out *HealthcheckInitParameters) { *out = *in if in.Address != nil { in, out := &in.Address, &out.Address @@ -531,7 +670,7 @@ func (in *HealthcheckParameters) DeepCopyInto(out *HealthcheckParameters) { } if in.Header != nil { in, out := &in.Header, &out.Header - *out = make([]HeaderParameters, len(*in)) + *out = make([]HeaderInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -598,100 +737,99 @@ func (in *HealthcheckParameters) DeepCopyInto(out *HealthcheckParameters) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckParameters. -func (in *HealthcheckParameters) DeepCopy() *HealthcheckParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckInitParameters. +func (in *HealthcheckInitParameters) DeepCopy() *HealthcheckInitParameters { if in == nil { return nil } - out := new(HealthcheckParameters) + out := new(HealthcheckInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthcheckSpec) DeepCopyInto(out *HealthcheckSpec) { +func (in *HealthcheckList) DeepCopyInto(out *HealthcheckList) { *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckSpec. -func (in *HealthcheckSpec) DeepCopy() *HealthcheckSpec { - if in == nil { - return nil + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Healthcheck, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(HealthcheckSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthcheckStatus) DeepCopyInto(out *HealthcheckStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckStatus. -func (in *HealthcheckStatus) DeepCopy() *HealthcheckStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckList. +func (in *HealthcheckList) DeepCopy() *HealthcheckList { if in == nil { return nil } - out := new(HealthcheckStatus) + out := new(HealthcheckList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *HealthcheckList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InitialSettingsObservation) DeepCopyInto(out *InitialSettingsObservation) { +func (in *HealthcheckObservation) DeepCopyInto(out *HealthcheckObservation) { *out = *in - if in.AlwaysOnline != nil { - in, out := &in.AlwaysOnline, &out.AlwaysOnline - *out = new(string) - **out = **in - } - if in.AlwaysUseHTTPS != nil { - in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + if in.Address != nil { + in, out := &in.Address, &out.Address *out = new(string) **out = **in } - if in.AutomaticHTTPSRewrites != nil { - in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites - *out = new(string) + if in.AllowInsecure != nil { + in, out := &in.AllowInsecure, &out.AllowInsecure + *out = new(bool) **out = **in } - if in.BinaryAst != nil { - in, out := &in.BinaryAst, &out.BinaryAst - *out = new(string) - **out = **in + if in.CheckRegions != nil { + in, out := &in.CheckRegions, &out.CheckRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - if in.Brotli != nil { - in, out := &in.Brotli, &out.Brotli - *out = new(string) + if in.ConsecutiveFails != nil { + in, out := &in.ConsecutiveFails, &out.ConsecutiveFails + *out = new(float64) **out = **in } - if in.BrowserCacheTTL != nil { - in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + if in.ConsecutiveSuccesses != nil { + in, out := &in.ConsecutiveSuccesses, &out.ConsecutiveSuccesses *out = new(float64) **out = **in } - if in.BrowserCheck != nil { - in, out := &in.BrowserCheck, &out.BrowserCheck + if in.CreatedOn != nil { + in, out := &in.CreatedOn, &out.CreatedOn *out = new(string) **out = **in } - if in.CacheLevel != nil { - in, out := &in.CacheLevel, &out.CacheLevel + if in.Description != nil { + in, out := &in.Description, &out.Description *out = new(string) **out = **in } - if in.ChallengeTTL != nil { - in, out := &in.ChallengeTTL, &out.ChallengeTTL - *out = new(float64) + if in.ExpectedBody != nil { + in, out := &in.ExpectedBody, &out.ExpectedBody + *out = new(string) **out = **in } - if in.Ciphers != nil { - in, out := &in.Ciphers, &out.Ciphers + if in.ExpectedCodes != nil { + in, out := &in.ExpectedCodes, &out.ExpectedCodes *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -701,762 +839,2497 @@ func (in *InitialSettingsObservation) DeepCopyInto(out *InitialSettingsObservati } } } - if in.CnameFlattening != nil { - in, out := &in.CnameFlattening, &out.CnameFlattening - *out = new(string) + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) **out = **in } - if in.DevelopmentMode != nil { - in, out := &in.DevelopmentMode, &out.DevelopmentMode + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ID != nil { + in, out := &in.ID, &out.ID *out = new(string) **out = **in } - if in.EarlyHints != nil { - in, out := &in.EarlyHints, &out.EarlyHints - *out = new(string) + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(float64) **out = **in } - if in.EmailObfuscation != nil { - in, out := &in.EmailObfuscation, &out.EmailObfuscation + if in.Method != nil { + in, out := &in.Method, &out.Method *out = new(string) **out = **in } - if in.FilterLogsToCloudflare != nil { - in, out := &in.FilterLogsToCloudflare, &out.FilterLogsToCloudflare + if in.ModifiedOn != nil { + in, out := &in.ModifiedOn, &out.ModifiedOn *out = new(string) **out = **in } - if in.H2Prioritization != nil { - in, out := &in.H2Prioritization, &out.H2Prioritization + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.HotlinkProtection != nil { - in, out := &in.HotlinkProtection, &out.HotlinkProtection + if in.Path != nil { + in, out := &in.Path, &out.Path *out = new(string) **out = **in } - if in.Http2 != nil { - in, out := &in.Http2, &out.Http2 - *out = new(string) + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) **out = **in } - if in.Http3 != nil { - in, out := &in.Http3, &out.Http3 - *out = new(string) + if in.Retries != nil { + in, out := &in.Retries, &out.Retries + *out = new(float64) **out = **in } - if in.IPGeolocation != nil { - in, out := &in.IPGeolocation, &out.IPGeolocation - *out = new(string) + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) **out = **in } - if in.IPv6 != nil { - in, out := &in.IPv6, &out.IPv6 + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type *out = new(string) **out = **in } - if in.ImageResizing != nil { - in, out := &in.ImageResizing, &out.ImageResizing + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID *out = new(string) **out = **in } - if in.LogToCloudflare != nil { - in, out := &in.LogToCloudflare, &out.LogToCloudflare +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckObservation. +func (in *HealthcheckObservation) DeepCopy() *HealthcheckObservation { + if in == nil { + return nil + } + out := new(HealthcheckObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HealthcheckParameters) DeepCopyInto(out *HealthcheckParameters) { + *out = *in + if in.Address != nil { + in, out := &in.Address, &out.Address *out = new(string) **out = **in } - if in.MaxUpload != nil { - in, out := &in.MaxUpload, &out.MaxUpload + if in.AllowInsecure != nil { + in, out := &in.AllowInsecure, &out.AllowInsecure + *out = new(bool) + **out = **in + } + if in.CheckRegions != nil { + in, out := &in.CheckRegions, &out.CheckRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ConsecutiveFails != nil { + in, out := &in.ConsecutiveFails, &out.ConsecutiveFails *out = new(float64) **out = **in } - if in.MinTLSVersion != nil { - in, out := &in.MinTLSVersion, &out.MinTLSVersion + if in.ConsecutiveSuccesses != nil { + in, out := &in.ConsecutiveSuccesses, &out.ConsecutiveSuccesses + *out = new(float64) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description *out = new(string) **out = **in } - if in.Minify != nil { - in, out := &in.Minify, &out.Minify - *out = make([]MinifyObservation, len(*in)) + if in.ExpectedBody != nil { + in, out := &in.ExpectedBody, &out.ExpectedBody + *out = new(string) + **out = **in + } + if in.ExpectedCodes != nil { + in, out := &in.ExpectedCodes, &out.ExpectedCodes + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } - if in.Mirage != nil { - in, out := &in.Mirage, &out.Mirage - *out = new(string) + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) **out = **in } - if in.MobileRedirect != nil { - in, out := &in.MobileRedirect, &out.MobileRedirect - *out = make([]MobileRedirectObservation, len(*in)) + if in.Header != nil { + in, out := &in.Header, &out.Header + *out = make([]HeaderParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.OpportunisticEncryption != nil { - in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption - *out = new(string) + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(float64) **out = **in } - if in.OpportunisticOnion != nil { - in, out := &in.OpportunisticOnion, &out.OpportunisticOnion + if in.Method != nil { + in, out := &in.Method, &out.Method *out = new(string) **out = **in } - if in.OrangeToOrange != nil { - in, out := &in.OrangeToOrange, &out.OrangeToOrange + if in.Name != nil { + in, out := &in.Name, &out.Name *out = new(string) **out = **in } - if in.OriginErrorPagePassThru != nil { - in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru + if in.Path != nil { + in, out := &in.Path, &out.Path *out = new(string) **out = **in } - if in.OriginMaxHTTPVersion != nil { - in, out := &in.OriginMaxHTTPVersion, &out.OriginMaxHTTPVersion - *out = new(string) - **out = **in - } - if in.Polish != nil { - in, out := &in.Polish, &out.Polish - *out = new(string) - **out = **in - } - if in.PrefetchPreload != nil { - in, out := &in.PrefetchPreload, &out.PrefetchPreload - *out = new(string) - **out = **in - } - if in.PrivacyPass != nil { - in, out := &in.PrivacyPass, &out.PrivacyPass - *out = new(string) - **out = **in - } - if in.ProxyReadTimeout != nil { - in, out := &in.ProxyReadTimeout, &out.ProxyReadTimeout - *out = new(string) - **out = **in - } - if in.PseudoIPv4 != nil { - in, out := &in.PseudoIPv4, &out.PseudoIPv4 - *out = new(string) - **out = **in - } - if in.ResponseBuffering != nil { - in, out := &in.ResponseBuffering, &out.ResponseBuffering - *out = new(string) - **out = **in - } - if in.RocketLoader != nil { - in, out := &in.RocketLoader, &out.RocketLoader - *out = new(string) - **out = **in - } - if in.SSL != nil { - in, out := &in.SSL, &out.SSL - *out = new(string) - **out = **in - } - if in.SecurityHeader != nil { - in, out := &in.SecurityHeader, &out.SecurityHeader - *out = make([]SecurityHeaderObservation, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.SecurityLevel != nil { - in, out := &in.SecurityLevel, &out.SecurityLevel - *out = new(string) - **out = **in - } - if in.ServerSideExclude != nil { - in, out := &in.ServerSideExclude, &out.ServerSideExclude - *out = new(string) - **out = **in - } - if in.SortQueryStringForCache != nil { - in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache - *out = new(string) - **out = **in - } - if in.TLS12Only != nil { - in, out := &in.TLS12Only, &out.TLS12Only - *out = new(string) - **out = **in - } - if in.TLS13 != nil { - in, out := &in.TLS13, &out.TLS13 - *out = new(string) - **out = **in - } - if in.TLSClientAuth != nil { - in, out := &in.TLSClientAuth, &out.TLSClientAuth - *out = new(string) + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(float64) **out = **in } - if in.TrueClientIPHeader != nil { - in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader - *out = new(string) + if in.Retries != nil { + in, out := &in.Retries, &out.Retries + *out = new(float64) **out = **in } - if in.UniversalSSL != nil { - in, out := &in.UniversalSSL, &out.UniversalSSL - *out = new(string) + if in.Suspended != nil { + in, out := &in.Suspended, &out.Suspended + *out = new(bool) **out = **in } - if in.VisitorIP != nil { - in, out := &in.VisitorIP, &out.VisitorIP - *out = new(string) + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(float64) **out = **in } - if in.Waf != nil { - in, out := &in.Waf, &out.Waf + if in.Type != nil { + in, out := &in.Type, &out.Type *out = new(string) **out = **in } - if in.Webp != nil { - in, out := &in.Webp, &out.Webp + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID *out = new(string) **out = **in } - if in.Websockets != nil { - in, out := &in.Websockets, &out.Websockets - *out = new(string) - **out = **in + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) } - if in.ZeroRtt != nil { - in, out := &in.ZeroRtt, &out.ZeroRtt - *out = new(string) - **out = **in + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitialSettingsObservation. -func (in *InitialSettingsObservation) DeepCopy() *InitialSettingsObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckParameters. +func (in *HealthcheckParameters) DeepCopy() *HealthcheckParameters { if in == nil { return nil } - out := new(InitialSettingsObservation) + out := new(HealthcheckParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InitialSettingsParameters) DeepCopyInto(out *InitialSettingsParameters) { +func (in *HealthcheckSpec) DeepCopyInto(out *HealthcheckSpec) { *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitialSettingsParameters. -func (in *InitialSettingsParameters) DeepCopy() *InitialSettingsParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckSpec. +func (in *HealthcheckSpec) DeepCopy() *HealthcheckSpec { if in == nil { return nil } - out := new(InitialSettingsParameters) + out := new(HealthcheckSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetention) DeepCopyInto(out *LogpullRetention) { +func (in *HealthcheckStatus) DeepCopyInto(out *HealthcheckStatus) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetention. -func (in *LogpullRetention) DeepCopy() *LogpullRetention { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthcheckStatus. +func (in *HealthcheckStatus) DeepCopy() *HealthcheckStatus { if in == nil { return nil } - out := new(LogpullRetention) + out := new(HealthcheckStatus) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LogpullRetention) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetentionList) DeepCopyInto(out *LogpullRetentionList) { +func (in *InitialSettingsInitParameters) DeepCopyInto(out *InitialSettingsInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LogpullRetention, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionList. -func (in *LogpullRetentionList) DeepCopy() *LogpullRetentionList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitialSettingsInitParameters. +func (in *InitialSettingsInitParameters) DeepCopy() *InitialSettingsInitParameters { if in == nil { return nil } - out := new(LogpullRetentionList) + out := new(InitialSettingsInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LogpullRetentionList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetentionObservation) DeepCopyInto(out *LogpullRetentionObservation) { +func (in *InitialSettingsObservation) DeepCopyInto(out *InitialSettingsObservation) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.AlwaysOnline != nil { + in, out := &in.AlwaysOnline, &out.AlwaysOnline *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionObservation. -func (in *LogpullRetentionObservation) DeepCopy() *LogpullRetentionObservation { - if in == nil { - return nil + if in.AlwaysUseHTTPS != nil { + in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + *out = new(string) + **out = **in } - out := new(LogpullRetentionObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetentionParameters) DeepCopyInto(out *LogpullRetentionParameters) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(string) **out = **in } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.BinaryAst != nil { + in, out := &in.BinaryAst, &out.BinaryAst *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) + if in.Brotli != nil { + in, out := &in.Brotli, &out.Brotli + *out = new(string) + **out = **in } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.BrowserCacheTTL != nil { + in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + *out = new(float64) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionParameters. -func (in *LogpullRetentionParameters) DeepCopy() *LogpullRetentionParameters { - if in == nil { - return nil + if in.BrowserCheck != nil { + in, out := &in.BrowserCheck, &out.BrowserCheck + *out = new(string) + **out = **in } - out := new(LogpullRetentionParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetentionSpec) DeepCopyInto(out *LogpullRetentionSpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionSpec. + if in.CacheLevel != nil { + in, out := &in.CacheLevel, &out.CacheLevel + *out = new(string) + **out = **in + } + if in.ChallengeTTL != nil { + in, out := &in.ChallengeTTL, &out.ChallengeTTL + *out = new(float64) + **out = **in + } + if in.Ciphers != nil { + in, out := &in.Ciphers, &out.Ciphers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CnameFlattening != nil { + in, out := &in.CnameFlattening, &out.CnameFlattening + *out = new(string) + **out = **in + } + if in.DevelopmentMode != nil { + in, out := &in.DevelopmentMode, &out.DevelopmentMode + *out = new(string) + **out = **in + } + if in.EarlyHints != nil { + in, out := &in.EarlyHints, &out.EarlyHints + *out = new(string) + **out = **in + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(string) + **out = **in + } + if in.FilterLogsToCloudflare != nil { + in, out := &in.FilterLogsToCloudflare, &out.FilterLogsToCloudflare + *out = new(string) + **out = **in + } + if in.H2Prioritization != nil { + in, out := &in.H2Prioritization, &out.H2Prioritization + *out = new(string) + **out = **in + } + if in.HotlinkProtection != nil { + in, out := &in.HotlinkProtection, &out.HotlinkProtection + *out = new(string) + **out = **in + } + if in.Http2 != nil { + in, out := &in.Http2, &out.Http2 + *out = new(string) + **out = **in + } + if in.Http3 != nil { + in, out := &in.Http3, &out.Http3 + *out = new(string) + **out = **in + } + if in.IPGeolocation != nil { + in, out := &in.IPGeolocation, &out.IPGeolocation + *out = new(string) + **out = **in + } + if in.IPv6 != nil { + in, out := &in.IPv6, &out.IPv6 + *out = new(string) + **out = **in + } + if in.ImageResizing != nil { + in, out := &in.ImageResizing, &out.ImageResizing + *out = new(string) + **out = **in + } + if in.LogToCloudflare != nil { + in, out := &in.LogToCloudflare, &out.LogToCloudflare + *out = new(string) + **out = **in + } + if in.MaxUpload != nil { + in, out := &in.MaxUpload, &out.MaxUpload + *out = new(float64) + **out = **in + } + if in.MinTLSVersion != nil { + in, out := &in.MinTLSVersion, &out.MinTLSVersion + *out = new(string) + **out = **in + } + if in.Minify != nil { + in, out := &in.Minify, &out.Minify + *out = make([]MinifyObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(string) + **out = **in + } + if in.MobileRedirect != nil { + in, out := &in.MobileRedirect, &out.MobileRedirect + *out = make([]MobileRedirectObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(string) + **out = **in + } + if in.OpportunisticOnion != nil { + in, out := &in.OpportunisticOnion, &out.OpportunisticOnion + *out = new(string) + **out = **in + } + if in.OrangeToOrange != nil { + in, out := &in.OrangeToOrange, &out.OrangeToOrange + *out = new(string) + **out = **in + } + if in.OriginErrorPagePassThru != nil { + in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru + *out = new(string) + **out = **in + } + if in.OriginMaxHTTPVersion != nil { + in, out := &in.OriginMaxHTTPVersion, &out.OriginMaxHTTPVersion + *out = new(string) + **out = **in + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.PrefetchPreload != nil { + in, out := &in.PrefetchPreload, &out.PrefetchPreload + *out = new(string) + **out = **in + } + if in.PrivacyPass != nil { + in, out := &in.PrivacyPass, &out.PrivacyPass + *out = new(string) + **out = **in + } + if in.ProxyReadTimeout != nil { + in, out := &in.ProxyReadTimeout, &out.ProxyReadTimeout + *out = new(string) + **out = **in + } + if in.PseudoIPv4 != nil { + in, out := &in.PseudoIPv4, &out.PseudoIPv4 + *out = new(string) + **out = **in + } + if in.ResponseBuffering != nil { + in, out := &in.ResponseBuffering, &out.ResponseBuffering + *out = new(string) + **out = **in + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(string) + **out = **in + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityHeader != nil { + in, out := &in.SecurityHeader, &out.SecurityHeader + *out = make([]SecurityHeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServerSideExclude != nil { + in, out := &in.ServerSideExclude, &out.ServerSideExclude + *out = new(string) + **out = **in + } + if in.SortQueryStringForCache != nil { + in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache + *out = new(string) + **out = **in + } + if in.TLS12Only != nil { + in, out := &in.TLS12Only, &out.TLS12Only + *out = new(string) + **out = **in + } + if in.TLS13 != nil { + in, out := &in.TLS13, &out.TLS13 + *out = new(string) + **out = **in + } + if in.TLSClientAuth != nil { + in, out := &in.TLSClientAuth, &out.TLSClientAuth + *out = new(string) + **out = **in + } + if in.TrueClientIPHeader != nil { + in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader + *out = new(string) + **out = **in + } + if in.UniversalSSL != nil { + in, out := &in.UniversalSSL, &out.UniversalSSL + *out = new(string) + **out = **in + } + if in.VisitorIP != nil { + in, out := &in.VisitorIP, &out.VisitorIP + *out = new(string) + **out = **in + } + if in.Waf != nil { + in, out := &in.Waf, &out.Waf + *out = new(string) + **out = **in + } + if in.Webp != nil { + in, out := &in.Webp, &out.Webp + *out = new(string) + **out = **in + } + if in.Websockets != nil { + in, out := &in.Websockets, &out.Websockets + *out = new(string) + **out = **in + } + if in.ZeroRtt != nil { + in, out := &in.ZeroRtt, &out.ZeroRtt + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitialSettingsObservation. +func (in *InitialSettingsObservation) DeepCopy() *InitialSettingsObservation { + if in == nil { + return nil + } + out := new(InitialSettingsObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InitialSettingsParameters) DeepCopyInto(out *InitialSettingsParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitialSettingsParameters. +func (in *InitialSettingsParameters) DeepCopy() *InitialSettingsParameters { + if in == nil { + return nil + } + out := new(InitialSettingsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetention) DeepCopyInto(out *LogpullRetention) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetention. +func (in *LogpullRetention) DeepCopy() *LogpullRetention { + if in == nil { + return nil + } + out := new(LogpullRetention) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LogpullRetention) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionInitParameters) DeepCopyInto(out *LogpullRetentionInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionInitParameters. +func (in *LogpullRetentionInitParameters) DeepCopy() *LogpullRetentionInitParameters { + if in == nil { + return nil + } + out := new(LogpullRetentionInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionList) DeepCopyInto(out *LogpullRetentionList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]LogpullRetention, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionList. +func (in *LogpullRetentionList) DeepCopy() *LogpullRetentionList { + if in == nil { + return nil + } + out := new(LogpullRetentionList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LogpullRetentionList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionObservation) DeepCopyInto(out *LogpullRetentionObservation) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionObservation. +func (in *LogpullRetentionObservation) DeepCopy() *LogpullRetentionObservation { + if in == nil { + return nil + } + out := new(LogpullRetentionObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionParameters) DeepCopyInto(out *LogpullRetentionParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionParameters. +func (in *LogpullRetentionParameters) DeepCopy() *LogpullRetentionParameters { + if in == nil { + return nil + } + out := new(LogpullRetentionParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionSpec) DeepCopyInto(out *LogpullRetentionSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionSpec. func (in *LogpullRetentionSpec) DeepCopy() *LogpullRetentionSpec { if in == nil { return nil } - out := new(LogpullRetentionSpec) + out := new(LogpullRetentionSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogpullRetentionStatus) DeepCopyInto(out *LogpullRetentionStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionStatus. +func (in *LogpullRetentionStatus) DeepCopy() *LogpullRetentionStatus { + if in == nil { + return nil + } + out := new(LogpullRetentionStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeaders) DeepCopyInto(out *ManagedHeaders) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeaders. +func (in *ManagedHeaders) DeepCopy() *ManagedHeaders { + if in == nil { + return nil + } + out := new(ManagedHeaders) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ManagedHeaders) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersInitParameters) DeepCopyInto(out *ManagedHeadersInitParameters) { + *out = *in + if in.ManagedRequestHeaders != nil { + in, out := &in.ManagedRequestHeaders, &out.ManagedRequestHeaders + *out = make([]ManagedRequestHeadersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ManagedResponseHeaders != nil { + in, out := &in.ManagedResponseHeaders, &out.ManagedResponseHeaders + *out = make([]ManagedResponseHeadersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersInitParameters. +func (in *ManagedHeadersInitParameters) DeepCopy() *ManagedHeadersInitParameters { + if in == nil { + return nil + } + out := new(ManagedHeadersInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersList) DeepCopyInto(out *ManagedHeadersList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ManagedHeaders, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersList. +func (in *ManagedHeadersList) DeepCopy() *ManagedHeadersList { + if in == nil { + return nil + } + out := new(ManagedHeadersList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ManagedHeadersList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersObservation) DeepCopyInto(out *ManagedHeadersObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.ManagedRequestHeaders != nil { + in, out := &in.ManagedRequestHeaders, &out.ManagedRequestHeaders + *out = make([]ManagedRequestHeadersObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ManagedResponseHeaders != nil { + in, out := &in.ManagedResponseHeaders, &out.ManagedResponseHeaders + *out = make([]ManagedResponseHeadersObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersObservation. +func (in *ManagedHeadersObservation) DeepCopy() *ManagedHeadersObservation { + if in == nil { + return nil + } + out := new(ManagedHeadersObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersParameters) DeepCopyInto(out *ManagedHeadersParameters) { + *out = *in + if in.ManagedRequestHeaders != nil { + in, out := &in.ManagedRequestHeaders, &out.ManagedRequestHeaders + *out = make([]ManagedRequestHeadersParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ManagedResponseHeaders != nil { + in, out := &in.ManagedResponseHeaders, &out.ManagedResponseHeaders + *out = make([]ManagedResponseHeadersParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersParameters. +func (in *ManagedHeadersParameters) DeepCopy() *ManagedHeadersParameters { + if in == nil { + return nil + } + out := new(ManagedHeadersParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersSpec) DeepCopyInto(out *ManagedHeadersSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersSpec. +func (in *ManagedHeadersSpec) DeepCopy() *ManagedHeadersSpec { + if in == nil { + return nil + } + out := new(ManagedHeadersSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedHeadersStatus) DeepCopyInto(out *ManagedHeadersStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersStatus. +func (in *ManagedHeadersStatus) DeepCopy() *ManagedHeadersStatus { + if in == nil { + return nil + } + out := new(ManagedHeadersStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedRequestHeadersInitParameters) DeepCopyInto(out *ManagedRequestHeadersInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedRequestHeadersInitParameters. +func (in *ManagedRequestHeadersInitParameters) DeepCopy() *ManagedRequestHeadersInitParameters { + if in == nil { + return nil + } + out := new(ManagedRequestHeadersInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedRequestHeadersObservation) DeepCopyInto(out *ManagedRequestHeadersObservation) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedRequestHeadersObservation. +func (in *ManagedRequestHeadersObservation) DeepCopy() *ManagedRequestHeadersObservation { + if in == nil { + return nil + } + out := new(ManagedRequestHeadersObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedRequestHeadersParameters) DeepCopyInto(out *ManagedRequestHeadersParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedRequestHeadersParameters. +func (in *ManagedRequestHeadersParameters) DeepCopy() *ManagedRequestHeadersParameters { + if in == nil { + return nil + } + out := new(ManagedRequestHeadersParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedResponseHeadersInitParameters) DeepCopyInto(out *ManagedResponseHeadersInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedResponseHeadersInitParameters. +func (in *ManagedResponseHeadersInitParameters) DeepCopy() *ManagedResponseHeadersInitParameters { + if in == nil { + return nil + } + out := new(ManagedResponseHeadersInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedResponseHeadersObservation) DeepCopyInto(out *ManagedResponseHeadersObservation) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedResponseHeadersObservation. +func (in *ManagedResponseHeadersObservation) DeepCopy() *ManagedResponseHeadersObservation { + if in == nil { + return nil + } + out := new(ManagedResponseHeadersObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ManagedResponseHeadersParameters) DeepCopyInto(out *ManagedResponseHeadersParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedResponseHeadersParameters. +func (in *ManagedResponseHeadersParameters) DeepCopy() *ManagedResponseHeadersParameters { + if in == nil { + return nil + } + out := new(ManagedResponseHeadersParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchInitParameters) DeepCopyInto(out *MatchInitParameters) { + *out = *in + if in.Request != nil { + in, out := &in.Request, &out.Request + *out = make([]RequestInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]MatchResponseInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchInitParameters. +func (in *MatchInitParameters) DeepCopy() *MatchInitParameters { + if in == nil { + return nil + } + out := new(MatchInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchObservation) DeepCopyInto(out *MatchObservation) { + *out = *in + if in.Request != nil { + in, out := &in.Request, &out.Request + *out = make([]RequestObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]MatchResponseObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchObservation. +func (in *MatchObservation) DeepCopy() *MatchObservation { + if in == nil { + return nil + } + out := new(MatchObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchParameters) DeepCopyInto(out *MatchParameters) { + *out = *in + if in.Request != nil { + in, out := &in.Request, &out.Request + *out = make([]RequestParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = make([]MatchResponseParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchParameters. +func (in *MatchParameters) DeepCopy() *MatchParameters { + if in == nil { + return nil + } + out := new(MatchParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchResponseInitParameters) DeepCopyInto(out *MatchResponseInitParameters) { + *out = *in + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]map[string]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + } + } + if in.OriginTraffic != nil { + in, out := &in.OriginTraffic, &out.OriginTraffic + *out = new(bool) + **out = **in + } + if in.Statuses != nil { + in, out := &in.Statuses, &out.Statuses + *out = make([]*float64, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(float64) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResponseInitParameters. +func (in *MatchResponseInitParameters) DeepCopy() *MatchResponseInitParameters { + if in == nil { + return nil + } + out := new(MatchResponseInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchResponseObservation) DeepCopyInto(out *MatchResponseObservation) { + *out = *in + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]map[string]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + } + } + if in.OriginTraffic != nil { + in, out := &in.OriginTraffic, &out.OriginTraffic + *out = new(bool) + **out = **in + } + if in.Statuses != nil { + in, out := &in.Statuses, &out.Statuses + *out = make([]*float64, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(float64) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResponseObservation. +func (in *MatchResponseObservation) DeepCopy() *MatchResponseObservation { + if in == nil { + return nil + } + out := new(MatchResponseObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchResponseParameters) DeepCopyInto(out *MatchResponseParameters) { + *out = *in + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]map[string]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + } + } + if in.OriginTraffic != nil { + in, out := &in.OriginTraffic, &out.OriginTraffic + *out = new(bool) + **out = **in + } + if in.Statuses != nil { + in, out := &in.Statuses, &out.Statuses + *out = make([]*float64, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(float64) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResponseParameters. +func (in *MatchResponseParameters) DeepCopy() *MatchResponseParameters { + if in == nil { + return nil + } + out := new(MatchResponseParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MinifyInitParameters) DeepCopyInto(out *MinifyInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyInitParameters. +func (in *MinifyInitParameters) DeepCopy() *MinifyInitParameters { + if in == nil { + return nil + } + out := new(MinifyInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MinifyObservation) DeepCopyInto(out *MinifyObservation) { + *out = *in + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(string) + **out = **in + } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) + **out = **in + } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyObservation. +func (in *MinifyObservation) DeepCopy() *MinifyObservation { + if in == nil { + return nil + } + out := new(MinifyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MinifyParameters) DeepCopyInto(out *MinifyParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyParameters. +func (in *MinifyParameters) DeepCopy() *MinifyParameters { + if in == nil { + return nil + } + out := new(MinifyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MobileRedirectInitParameters) DeepCopyInto(out *MobileRedirectInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MobileRedirectInitParameters. +func (in *MobileRedirectInitParameters) DeepCopy() *MobileRedirectInitParameters { + if in == nil { + return nil + } + out := new(MobileRedirectInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MobileRedirectObservation) DeepCopyInto(out *MobileRedirectObservation) { + *out = *in + if in.MobileSubdomain != nil { + in, out := &in.MobileSubdomain, &out.MobileSubdomain + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.StripURI != nil { + in, out := &in.StripURI, &out.StripURI + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MobileRedirectObservation. +func (in *MobileRedirectObservation) DeepCopy() *MobileRedirectObservation { + if in == nil { + return nil + } + out := new(MobileRedirectObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MobileRedirectParameters) DeepCopyInto(out *MobileRedirectParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MobileRedirectParameters. +func (in *MobileRedirectParameters) DeepCopy() *MobileRedirectParameters { + if in == nil { + return nil + } + out := new(MobileRedirectParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimit) DeepCopyInto(out *RateLimit) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimit. +func (in *RateLimit) DeepCopy() *RateLimit { + if in == nil { + return nil + } + out := new(RateLimit) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RateLimit) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitInitParameters) DeepCopyInto(out *RateLimitInitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]ActionInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BypassURLPatterns != nil { + in, out := &in.BypassURLPatterns, &out.BypassURLPatterns + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Correlate != nil { + in, out := &in.Correlate, &out.Correlate + *out = make([]CorrelateInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = make([]MatchInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Period != nil { + in, out := &in.Period, &out.Period + *out = new(float64) + **out = **in + } + if in.Threshold != nil { + in, out := &in.Threshold, &out.Threshold + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitInitParameters. +func (in *RateLimitInitParameters) DeepCopy() *RateLimitInitParameters { + if in == nil { + return nil + } + out := new(RateLimitInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitList) DeepCopyInto(out *RateLimitList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]RateLimit, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitList. +func (in *RateLimitList) DeepCopy() *RateLimitList { + if in == nil { + return nil + } + out := new(RateLimitList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RateLimitList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitObservation) DeepCopyInto(out *RateLimitObservation) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]ActionObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BypassURLPatterns != nil { + in, out := &in.BypassURLPatterns, &out.BypassURLPatterns + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Correlate != nil { + in, out := &in.Correlate, &out.Correlate + *out = make([]CorrelateObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = make([]MatchObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Period != nil { + in, out := &in.Period, &out.Period + *out = new(float64) + **out = **in + } + if in.Threshold != nil { + in, out := &in.Threshold, &out.Threshold + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitObservation. +func (in *RateLimitObservation) DeepCopy() *RateLimitObservation { + if in == nil { + return nil + } + out := new(RateLimitObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitParameters) DeepCopyInto(out *RateLimitParameters) { + *out = *in + if in.Action != nil { + in, out := &in.Action, &out.Action + *out = make([]ActionParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BypassURLPatterns != nil { + in, out := &in.BypassURLPatterns, &out.BypassURLPatterns + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Correlate != nil { + in, out := &in.Correlate, &out.Correlate + *out = make([]CorrelateParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.Match != nil { + in, out := &in.Match, &out.Match + *out = make([]MatchParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Period != nil { + in, out := &in.Period, &out.Period + *out = new(float64) + **out = **in + } + if in.Threshold != nil { + in, out := &in.Threshold, &out.Threshold + *out = new(float64) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitParameters. +func (in *RateLimitParameters) DeepCopy() *RateLimitParameters { + if in == nil { + return nil + } + out := new(RateLimitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogpullRetentionStatus) DeepCopyInto(out *LogpullRetentionStatus) { +func (in *RateLimitSpec) DeepCopyInto(out *RateLimitSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitSpec. +func (in *RateLimitSpec) DeepCopy() *RateLimitSpec { + if in == nil { + return nil + } + out := new(RateLimitSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RateLimitStatus) DeepCopyInto(out *RateLimitStatus) { *out = *in in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) in.AtProvider.DeepCopyInto(&out.AtProvider) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogpullRetentionStatus. -func (in *LogpullRetentionStatus) DeepCopy() *LogpullRetentionStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitStatus. +func (in *RateLimitStatus) DeepCopy() *RateLimitStatus { if in == nil { return nil } - out := new(LogpullRetentionStatus) + out := new(RateLimitStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeaders) DeepCopyInto(out *ManagedHeaders) { +func (in *RequestInitParameters) DeepCopyInto(out *RequestInitParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + if in.Methods != nil { + in, out := &in.Methods, &out.Methods + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Schemes != nil { + in, out := &in.Schemes, &out.Schemes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.URLPattern != nil { + in, out := &in.URLPattern, &out.URLPattern + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeaders. -func (in *ManagedHeaders) DeepCopy() *ManagedHeaders { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestInitParameters. +func (in *RequestInitParameters) DeepCopy() *RequestInitParameters { if in == nil { return nil } - out := new(ManagedHeaders) + out := new(RequestInitParameters) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ManagedHeaders) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequestObservation) DeepCopyInto(out *RequestObservation) { + *out = *in + if in.Methods != nil { + in, out := &in.Methods, &out.Methods + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } } - return nil + if in.Schemes != nil { + in, out := &in.Schemes, &out.Schemes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.URLPattern != nil { + in, out := &in.URLPattern, &out.URLPattern + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestObservation. +func (in *RequestObservation) DeepCopy() *RequestObservation { + if in == nil { + return nil + } + out := new(RequestObservation) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeadersList) DeepCopyInto(out *ManagedHeadersList) { +func (in *RequestParameters) DeepCopyInto(out *RequestParameters) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ManagedHeaders, len(*in)) + if in.Methods != nil { + in, out := &in.Methods, &out.Methods + *out = make([]*string, len(*in)) for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Schemes != nil { + in, out := &in.Schemes, &out.Schemes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } } } + if in.URLPattern != nil { + in, out := &in.URLPattern, &out.URLPattern + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestParameters. +func (in *RequestParameters) DeepCopy() *RequestParameters { + if in == nil { + return nil + } + out := new(RequestParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResponseInitParameters) DeepCopyInto(out *ResponseInitParameters) { + *out = *in + if in.Body != nil { + in, out := &in.Body, &out.Body + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseInitParameters. +func (in *ResponseInitParameters) DeepCopy() *ResponseInitParameters { + if in == nil { + return nil + } + out := new(ResponseInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResponseObservation) DeepCopyInto(out *ResponseObservation) { + *out = *in + if in.Body != nil { + in, out := &in.Body, &out.Body + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseObservation. +func (in *ResponseObservation) DeepCopy() *ResponseObservation { + if in == nil { + return nil + } + out := new(ResponseObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResponseParameters) DeepCopyInto(out *ResponseParameters) { + *out = *in + if in.Body != nil { + in, out := &in.Body, &out.Body + *out = new(string) + **out = **in + } + if in.ContentType != nil { + in, out := &in.ContentType, &out.ContentType + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseParameters. +func (in *ResponseParameters) DeepCopy() *ResponseParameters { + if in == nil { + return nil + } + out := new(ResponseParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityHeaderInitParameters) DeepCopyInto(out *SecurityHeaderInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityHeaderInitParameters. +func (in *SecurityHeaderInitParameters) DeepCopy() *SecurityHeaderInitParameters { + if in == nil { + return nil + } + out := new(SecurityHeaderInitParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityHeaderObservation) DeepCopyInto(out *SecurityHeaderObservation) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.IncludeSubdomains != nil { + in, out := &in.IncludeSubdomains, &out.IncludeSubdomains + *out = new(bool) + **out = **in + } + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } + if in.Nosniff != nil { + in, out := &in.Nosniff, &out.Nosniff + *out = new(bool) + **out = **in + } + if in.Preload != nil { + in, out := &in.Preload, &out.Preload + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersList. -func (in *ManagedHeadersList) DeepCopy() *ManagedHeadersList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityHeaderObservation. +func (in *SecurityHeaderObservation) DeepCopy() *SecurityHeaderObservation { if in == nil { return nil } - out := new(ManagedHeadersList) + out := new(SecurityHeaderObservation) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ManagedHeadersList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeadersObservation) DeepCopyInto(out *ManagedHeadersObservation) { +func (in *SecurityHeaderParameters) DeepCopyInto(out *SecurityHeaderParameters) { *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID - *out = new(string) - **out = **in - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersObservation. -func (in *ManagedHeadersObservation) DeepCopy() *ManagedHeadersObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityHeaderParameters. +func (in *SecurityHeaderParameters) DeepCopy() *SecurityHeaderParameters { if in == nil { return nil } - out := new(ManagedHeadersObservation) + out := new(SecurityHeaderParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeadersParameters) DeepCopyInto(out *ManagedHeadersParameters) { +func (in *SettingsInitParameters) DeepCopyInto(out *SettingsInitParameters) { *out = *in - if in.ManagedRequestHeaders != nil { - in, out := &in.ManagedRequestHeaders, &out.ManagedRequestHeaders - *out = make([]ManagedRequestHeadersParameters, len(*in)) + if in.AlwaysOnline != nil { + in, out := &in.AlwaysOnline, &out.AlwaysOnline + *out = new(string) + **out = **in + } + if in.AlwaysUseHTTPS != nil { + in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + *out = new(string) + **out = **in + } + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(string) + **out = **in + } + if in.BinaryAst != nil { + in, out := &in.BinaryAst, &out.BinaryAst + *out = new(string) + **out = **in + } + if in.Brotli != nil { + in, out := &in.Brotli, &out.Brotli + *out = new(string) + **out = **in + } + if in.BrowserCacheTTL != nil { + in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + *out = new(float64) + **out = **in + } + if in.BrowserCheck != nil { + in, out := &in.BrowserCheck, &out.BrowserCheck + *out = new(string) + **out = **in + } + if in.CacheLevel != nil { + in, out := &in.CacheLevel, &out.CacheLevel + *out = new(string) + **out = **in + } + if in.ChallengeTTL != nil { + in, out := &in.ChallengeTTL, &out.ChallengeTTL + *out = new(float64) + **out = **in + } + if in.Ciphers != nil { + in, out := &in.Ciphers, &out.Ciphers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CnameFlattening != nil { + in, out := &in.CnameFlattening, &out.CnameFlattening + *out = new(string) + **out = **in + } + if in.DevelopmentMode != nil { + in, out := &in.DevelopmentMode, &out.DevelopmentMode + *out = new(string) + **out = **in + } + if in.EarlyHints != nil { + in, out := &in.EarlyHints, &out.EarlyHints + *out = new(string) + **out = **in + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(string) + **out = **in + } + if in.FilterLogsToCloudflare != nil { + in, out := &in.FilterLogsToCloudflare, &out.FilterLogsToCloudflare + *out = new(string) + **out = **in + } + if in.H2Prioritization != nil { + in, out := &in.H2Prioritization, &out.H2Prioritization + *out = new(string) + **out = **in + } + if in.HotlinkProtection != nil { + in, out := &in.HotlinkProtection, &out.HotlinkProtection + *out = new(string) + **out = **in + } + if in.Http2 != nil { + in, out := &in.Http2, &out.Http2 + *out = new(string) + **out = **in + } + if in.Http3 != nil { + in, out := &in.Http3, &out.Http3 + *out = new(string) + **out = **in + } + if in.IPGeolocation != nil { + in, out := &in.IPGeolocation, &out.IPGeolocation + *out = new(string) + **out = **in + } + if in.IPv6 != nil { + in, out := &in.IPv6, &out.IPv6 + *out = new(string) + **out = **in + } + if in.ImageResizing != nil { + in, out := &in.ImageResizing, &out.ImageResizing + *out = new(string) + **out = **in + } + if in.LogToCloudflare != nil { + in, out := &in.LogToCloudflare, &out.LogToCloudflare + *out = new(string) + **out = **in + } + if in.MaxUpload != nil { + in, out := &in.MaxUpload, &out.MaxUpload + *out = new(float64) + **out = **in + } + if in.MinTLSVersion != nil { + in, out := &in.MinTLSVersion, &out.MinTLSVersion + *out = new(string) + **out = **in + } + if in.Minify != nil { + in, out := &in.Minify, &out.Minify + *out = make([]SettingsMinifyInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.ManagedResponseHeaders != nil { - in, out := &in.ManagedResponseHeaders, &out.ManagedResponseHeaders - *out = make([]ManagedResponseHeadersParameters, len(*in)) + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage + *out = new(string) + **out = **in + } + if in.MobileRedirect != nil { + in, out := &in.MobileRedirect, &out.MobileRedirect + *out = make([]SettingsMobileRedirectInitParameters, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(string) + **out = **in + } + if in.OpportunisticOnion != nil { + in, out := &in.OpportunisticOnion, &out.OpportunisticOnion + *out = new(string) + **out = **in + } + if in.OrangeToOrange != nil { + in, out := &in.OrangeToOrange, &out.OrangeToOrange + *out = new(string) + **out = **in + } + if in.OriginErrorPagePassThru != nil { + in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru + *out = new(string) + **out = **in + } + if in.OriginMaxHTTPVersion != nil { + in, out := &in.OriginMaxHTTPVersion, &out.OriginMaxHTTPVersion + *out = new(string) + **out = **in + } + if in.Polish != nil { + in, out := &in.Polish, &out.Polish + *out = new(string) + **out = **in + } + if in.PrefetchPreload != nil { + in, out := &in.PrefetchPreload, &out.PrefetchPreload + *out = new(string) + **out = **in + } + if in.PrivacyPass != nil { + in, out := &in.PrivacyPass, &out.PrivacyPass + *out = new(string) + **out = **in + } + if in.ProxyReadTimeout != nil { + in, out := &in.ProxyReadTimeout, &out.ProxyReadTimeout + *out = new(string) + **out = **in + } + if in.PseudoIPv4 != nil { + in, out := &in.PseudoIPv4, &out.PseudoIPv4 + *out = new(string) + **out = **in + } + if in.ResponseBuffering != nil { + in, out := &in.ResponseBuffering, &out.ResponseBuffering + *out = new(string) + **out = **in + } + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(string) + **out = **in + } + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) + **out = **in + } + if in.SecurityHeader != nil { + in, out := &in.SecurityHeader, &out.SecurityHeader + *out = make([]SettingsSecurityHeaderInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) + if in.ServerSideExclude != nil { + in, out := &in.ServerSideExclude, &out.ServerSideExclude + *out = new(string) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersParameters. -func (in *ManagedHeadersParameters) DeepCopy() *ManagedHeadersParameters { - if in == nil { - return nil + if in.SortQueryStringForCache != nil { + in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache + *out = new(string) + **out = **in } - out := new(ManagedHeadersParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeadersSpec) DeepCopyInto(out *ManagedHeadersSpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersSpec. -func (in *ManagedHeadersSpec) DeepCopy() *ManagedHeadersSpec { - if in == nil { - return nil + if in.TLS12Only != nil { + in, out := &in.TLS12Only, &out.TLS12Only + *out = new(string) + **out = **in } - out := new(ManagedHeadersSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedHeadersStatus) DeepCopyInto(out *ManagedHeadersStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedHeadersStatus. -func (in *ManagedHeadersStatus) DeepCopy() *ManagedHeadersStatus { - if in == nil { - return nil + if in.TLS13 != nil { + in, out := &in.TLS13, &out.TLS13 + *out = new(string) + **out = **in } - out := new(ManagedHeadersStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedRequestHeadersObservation) DeepCopyInto(out *ManagedRequestHeadersObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedRequestHeadersObservation. -func (in *ManagedRequestHeadersObservation) DeepCopy() *ManagedRequestHeadersObservation { - if in == nil { - return nil + if in.TLSClientAuth != nil { + in, out := &in.TLSClientAuth, &out.TLSClientAuth + *out = new(string) + **out = **in } - out := new(ManagedRequestHeadersObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedRequestHeadersParameters) DeepCopyInto(out *ManagedRequestHeadersParameters) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) + if in.TrueClientIPHeader != nil { + in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader + *out = new(string) **out = **in } - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.UniversalSSL != nil { + in, out := &in.UniversalSSL, &out.UniversalSSL *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedRequestHeadersParameters. -func (in *ManagedRequestHeadersParameters) DeepCopy() *ManagedRequestHeadersParameters { - if in == nil { - return nil + if in.VisitorIP != nil { + in, out := &in.VisitorIP, &out.VisitorIP + *out = new(string) + **out = **in } - out := new(ManagedRequestHeadersParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedResponseHeadersObservation) DeepCopyInto(out *ManagedResponseHeadersObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedResponseHeadersObservation. -func (in *ManagedResponseHeadersObservation) DeepCopy() *ManagedResponseHeadersObservation { - if in == nil { - return nil + if in.Waf != nil { + in, out := &in.Waf, &out.Waf + *out = new(string) + **out = **in } - out := new(ManagedResponseHeadersObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ManagedResponseHeadersParameters) DeepCopyInto(out *ManagedResponseHeadersParameters) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) + if in.Webp != nil { + in, out := &in.Webp, &out.Webp + *out = new(string) **out = **in } - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.Websockets != nil { + in, out := &in.Websockets, &out.Websockets *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedResponseHeadersParameters. -func (in *ManagedResponseHeadersParameters) DeepCopy() *ManagedResponseHeadersParameters { - if in == nil { - return nil + if in.ZeroRtt != nil { + in, out := &in.ZeroRtt, &out.ZeroRtt + *out = new(string) + **out = **in } - out := new(ManagedResponseHeadersParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchObservation) DeepCopyInto(out *MatchObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchObservation. -func (in *MatchObservation) DeepCopy() *MatchObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsInitParameters. +func (in *SettingsInitParameters) DeepCopy() *SettingsInitParameters { if in == nil { return nil } - out := new(MatchObservation) + out := new(SettingsInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchParameters) DeepCopyInto(out *MatchParameters) { +func (in *SettingsMinifyInitParameters) DeepCopyInto(out *SettingsMinifyInitParameters) { *out = *in - if in.Request != nil { - in, out := &in.Request, &out.Request - *out = make([]RequestParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(string) + **out = **in } - if in.Response != nil { - in, out := &in.Response, &out.Response - *out = make([]MatchResponseParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchParameters. -func (in *MatchParameters) DeepCopy() *MatchParameters { - if in == nil { - return nil + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(string) + **out = **in } - out := new(MatchParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchResponseObservation) DeepCopyInto(out *MatchResponseObservation) { - *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResponseObservation. -func (in *MatchResponseObservation) DeepCopy() *MatchResponseObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMinifyInitParameters. +func (in *SettingsMinifyInitParameters) DeepCopy() *SettingsMinifyInitParameters { if in == nil { return nil } - out := new(MatchResponseObservation) + out := new(SettingsMinifyInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchResponseParameters) DeepCopyInto(out *MatchResponseParameters) { +func (in *SettingsMinifyObservation) DeepCopyInto(out *SettingsMinifyObservation) { *out = *in - if in.Headers != nil { - in, out := &in.Headers, &out.Headers - *out = make([]map[string]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = make(map[string]*string, len(*in)) - for key, val := range *in { - var outVal *string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = new(string) - **out = **in - } - (*out)[key] = outVal - } - } - } + if in.CSS != nil { + in, out := &in.CSS, &out.CSS + *out = new(string) + **out = **in } - if in.OriginTraffic != nil { - in, out := &in.OriginTraffic, &out.OriginTraffic - *out = new(bool) + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) **out = **in } - if in.Statuses != nil { - in, out := &in.Statuses, &out.Statuses - *out = make([]*float64, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(float64) - **out = **in - } - } + if in.Js != nil { + in, out := &in.Js, &out.Js + *out = new(string) + **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResponseParameters. -func (in *MatchResponseParameters) DeepCopy() *MatchResponseParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMinifyObservation. +func (in *SettingsMinifyObservation) DeepCopy() *SettingsMinifyObservation { if in == nil { return nil } - out := new(MatchResponseParameters) + out := new(SettingsMinifyObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MinifyObservation) DeepCopyInto(out *MinifyObservation) { +func (in *SettingsMinifyParameters) DeepCopyInto(out *SettingsMinifyParameters) { *out = *in if in.CSS != nil { in, out := &in.CSS, &out.CSS @@ -1475,33 +3348,48 @@ func (in *MinifyObservation) DeepCopyInto(out *MinifyObservation) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyObservation. -func (in *MinifyObservation) DeepCopy() *MinifyObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMinifyParameters. +func (in *SettingsMinifyParameters) DeepCopy() *SettingsMinifyParameters { if in == nil { return nil } - out := new(MinifyObservation) + out := new(SettingsMinifyParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MinifyParameters) DeepCopyInto(out *MinifyParameters) { +func (in *SettingsMobileRedirectInitParameters) DeepCopyInto(out *SettingsMobileRedirectInitParameters) { *out = *in + if in.MobileSubdomain != nil { + in, out := &in.MobileSubdomain, &out.MobileSubdomain + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.StripURI != nil { + in, out := &in.StripURI, &out.StripURI + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MinifyParameters. -func (in *MinifyParameters) DeepCopy() *MinifyParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMobileRedirectInitParameters. +func (in *SettingsMobileRedirectInitParameters) DeepCopy() *SettingsMobileRedirectInitParameters { if in == nil { return nil } - out := new(MinifyParameters) + out := new(SettingsMobileRedirectInitParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MobileRedirectObservation) DeepCopyInto(out *MobileRedirectObservation) { +func (in *SettingsMobileRedirectObservation) DeepCopyInto(out *SettingsMobileRedirectObservation) { *out = *in if in.MobileSubdomain != nil { in, out := &in.MobileSubdomain, &out.MobileSubdomain @@ -1520,122 +3408,96 @@ func (in *MobileRedirectObservation) DeepCopyInto(out *MobileRedirectObservation } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MobileRedirectObservation. -func (in *MobileRedirectObservation) DeepCopy() *MobileRedirectObservation { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMobileRedirectObservation. +func (in *SettingsMobileRedirectObservation) DeepCopy() *SettingsMobileRedirectObservation { if in == nil { return nil } - out := new(MobileRedirectObservation) + out := new(SettingsMobileRedirectObservation) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MobileRedirectParameters) DeepCopyInto(out *MobileRedirectParameters) { +func (in *SettingsMobileRedirectParameters) DeepCopyInto(out *SettingsMobileRedirectParameters) { *out = *in + if in.MobileSubdomain != nil { + in, out := &in.MobileSubdomain, &out.MobileSubdomain + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.StripURI != nil { + in, out := &in.StripURI, &out.StripURI + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MobileRedirectParameters. -func (in *MobileRedirectParameters) DeepCopy() *MobileRedirectParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMobileRedirectParameters. +func (in *SettingsMobileRedirectParameters) DeepCopy() *SettingsMobileRedirectParameters { if in == nil { return nil } - out := new(MobileRedirectParameters) + out := new(SettingsMobileRedirectParameters) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimit) DeepCopyInto(out *RateLimit) { +func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimit. -func (in *RateLimit) DeepCopy() *RateLimit { - if in == nil { - return nil + if in.AlwaysOnline != nil { + in, out := &in.AlwaysOnline, &out.AlwaysOnline + *out = new(string) + **out = **in } - out := new(RateLimit) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RateLimit) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.AlwaysUseHTTPS != nil { + in, out := &in.AlwaysUseHTTPS, &out.AlwaysUseHTTPS + *out = new(string) + **out = **in } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimitList) DeepCopyInto(out *RateLimitList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]RateLimit, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.AutomaticHTTPSRewrites != nil { + in, out := &in.AutomaticHTTPSRewrites, &out.AutomaticHTTPSRewrites + *out = new(string) + **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitList. -func (in *RateLimitList) DeepCopy() *RateLimitList { - if in == nil { - return nil + if in.BinaryAst != nil { + in, out := &in.BinaryAst, &out.BinaryAst + *out = new(string) + **out = **in } - out := new(RateLimitList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RateLimitList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c + if in.Brotli != nil { + in, out := &in.Brotli, &out.Brotli + *out = new(string) + **out = **in } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimitObservation) DeepCopyInto(out *RateLimitObservation) { - *out = *in - if in.ID != nil { - in, out := &in.ID, &out.ID + if in.BrowserCacheTTL != nil { + in, out := &in.BrowserCacheTTL, &out.BrowserCacheTTL + *out = new(float64) + **out = **in + } + if in.BrowserCheck != nil { + in, out := &in.BrowserCheck, &out.BrowserCheck *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitObservation. -func (in *RateLimitObservation) DeepCopy() *RateLimitObservation { - if in == nil { - return nil + if in.CacheLevel != nil { + in, out := &in.CacheLevel, &out.CacheLevel + *out = new(string) + **out = **in } - out := new(RateLimitObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimitParameters) DeepCopyInto(out *RateLimitParameters) { - *out = *in - if in.Action != nil { - in, out := &in.Action, &out.Action - *out = make([]ActionParameters, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.ChallengeTTL != nil { + in, out := &in.ChallengeTTL, &out.ChallengeTTL + *out = new(float64) + **out = **in } - if in.BypassURLPatterns != nil { - in, out := &in.BypassURLPatterns, &out.BypassURLPatterns + if in.Ciphers != nil { + in, out := &in.Ciphers, &out.Ciphers *out = make([]*string, len(*in)) for i := range *in { if (*in)[i] != nil { @@ -1645,346 +3507,237 @@ func (in *RateLimitParameters) DeepCopyInto(out *RateLimitParameters) { } } } - if in.Correlate != nil { - in, out := &in.Correlate, &out.Correlate - *out = make([]CorrelateParameters, len(*in)) + if in.CnameFlattening != nil { + in, out := &in.CnameFlattening, &out.CnameFlattening + *out = new(string) + **out = **in + } + if in.DevelopmentMode != nil { + in, out := &in.DevelopmentMode, &out.DevelopmentMode + *out = new(string) + **out = **in + } + if in.EarlyHints != nil { + in, out := &in.EarlyHints, &out.EarlyHints + *out = new(string) + **out = **in + } + if in.EmailObfuscation != nil { + in, out := &in.EmailObfuscation, &out.EmailObfuscation + *out = new(string) + **out = **in + } + if in.FilterLogsToCloudflare != nil { + in, out := &in.FilterLogsToCloudflare, &out.FilterLogsToCloudflare + *out = new(string) + **out = **in + } + if in.H2Prioritization != nil { + in, out := &in.H2Prioritization, &out.H2Prioritization + *out = new(string) + **out = **in + } + if in.HotlinkProtection != nil { + in, out := &in.HotlinkProtection, &out.HotlinkProtection + *out = new(string) + **out = **in + } + if in.Http2 != nil { + in, out := &in.Http2, &out.Http2 + *out = new(string) + **out = **in + } + if in.Http3 != nil { + in, out := &in.Http3, &out.Http3 + *out = new(string) + **out = **in + } + if in.IPGeolocation != nil { + in, out := &in.IPGeolocation, &out.IPGeolocation + *out = new(string) + **out = **in + } + if in.IPv6 != nil { + in, out := &in.IPv6, &out.IPv6 + *out = new(string) + **out = **in + } + if in.ImageResizing != nil { + in, out := &in.ImageResizing, &out.ImageResizing + *out = new(string) + **out = **in + } + if in.LogToCloudflare != nil { + in, out := &in.LogToCloudflare, &out.LogToCloudflare + *out = new(string) + **out = **in + } + if in.MaxUpload != nil { + in, out := &in.MaxUpload, &out.MaxUpload + *out = new(float64) + **out = **in + } + if in.MinTLSVersion != nil { + in, out := &in.MinTLSVersion, &out.MinTLSVersion + *out = new(string) + **out = **in + } + if in.Minify != nil { + in, out := &in.Minify, &out.Minify + *out = make([]SettingsMinifyObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Description != nil { - in, out := &in.Description, &out.Description + if in.Mirage != nil { + in, out := &in.Mirage, &out.Mirage *out = new(string) **out = **in } - if in.Disabled != nil { - in, out := &in.Disabled, &out.Disabled - *out = new(bool) - **out = **in - } - if in.Match != nil { - in, out := &in.Match, &out.Match - *out = make([]MatchParameters, len(*in)) + if in.MobileRedirect != nil { + in, out := &in.MobileRedirect, &out.MobileRedirect + *out = make([]SettingsMobileRedirectObservation, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Period != nil { - in, out := &in.Period, &out.Period - *out = new(float64) + if in.OpportunisticEncryption != nil { + in, out := &in.OpportunisticEncryption, &out.OpportunisticEncryption + *out = new(string) **out = **in } - if in.Threshold != nil { - in, out := &in.Threshold, &out.Threshold - *out = new(float64) + if in.OpportunisticOnion != nil { + in, out := &in.OpportunisticOnion, &out.OpportunisticOnion + *out = new(string) **out = **in } - if in.ZoneID != nil { - in, out := &in.ZoneID, &out.ZoneID + if in.OrangeToOrange != nil { + in, out := &in.OrangeToOrange, &out.OrangeToOrange *out = new(string) **out = **in } - if in.ZoneIDRef != nil { - in, out := &in.ZoneIDRef, &out.ZoneIDRef - *out = new(v1.Reference) - (*in).DeepCopyInto(*out) - } - if in.ZoneIDSelector != nil { - in, out := &in.ZoneIDSelector, &out.ZoneIDSelector - *out = new(v1.Selector) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitParameters. -func (in *RateLimitParameters) DeepCopy() *RateLimitParameters { - if in == nil { - return nil - } - out := new(RateLimitParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimitSpec) DeepCopyInto(out *RateLimitSpec) { - *out = *in - in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) - in.ForProvider.DeepCopyInto(&out.ForProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitSpec. -func (in *RateLimitSpec) DeepCopy() *RateLimitSpec { - if in == nil { - return nil - } - out := new(RateLimitSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RateLimitStatus) DeepCopyInto(out *RateLimitStatus) { - *out = *in - in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - in.AtProvider.DeepCopyInto(&out.AtProvider) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitStatus. -func (in *RateLimitStatus) DeepCopy() *RateLimitStatus { - if in == nil { - return nil - } - out := new(RateLimitStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequestObservation) DeepCopyInto(out *RequestObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestObservation. -func (in *RequestObservation) DeepCopy() *RequestObservation { - if in == nil { - return nil - } - out := new(RequestObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequestParameters) DeepCopyInto(out *RequestParameters) { - *out = *in - if in.Methods != nil { - in, out := &in.Methods, &out.Methods - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } - } - if in.Schemes != nil { - in, out := &in.Schemes, &out.Schemes - *out = make([]*string, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(string) - **out = **in - } - } - } - if in.URLPattern != nil { - in, out := &in.URLPattern, &out.URLPattern + if in.OriginErrorPagePassThru != nil { + in, out := &in.OriginErrorPagePassThru, &out.OriginErrorPagePassThru *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestParameters. -func (in *RequestParameters) DeepCopy() *RequestParameters { - if in == nil { - return nil - } - out := new(RequestParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResponseObservation) DeepCopyInto(out *ResponseObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseObservation. -func (in *ResponseObservation) DeepCopy() *ResponseObservation { - if in == nil { - return nil + if in.OriginMaxHTTPVersion != nil { + in, out := &in.OriginMaxHTTPVersion, &out.OriginMaxHTTPVersion + *out = new(string) + **out = **in } - out := new(ResponseObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResponseParameters) DeepCopyInto(out *ResponseParameters) { - *out = *in - if in.Body != nil { - in, out := &in.Body, &out.Body + if in.Polish != nil { + in, out := &in.Polish, &out.Polish *out = new(string) **out = **in } - if in.ContentType != nil { - in, out := &in.ContentType, &out.ContentType + if in.PrefetchPreload != nil { + in, out := &in.PrefetchPreload, &out.PrefetchPreload *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseParameters. -func (in *ResponseParameters) DeepCopy() *ResponseParameters { - if in == nil { - return nil + if in.PrivacyPass != nil { + in, out := &in.PrivacyPass, &out.PrivacyPass + *out = new(string) + **out = **in } - out := new(ResponseParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecurityHeaderObservation) DeepCopyInto(out *SecurityHeaderObservation) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) + if in.ProxyReadTimeout != nil { + in, out := &in.ProxyReadTimeout, &out.ProxyReadTimeout + *out = new(string) **out = **in } - if in.IncludeSubdomains != nil { - in, out := &in.IncludeSubdomains, &out.IncludeSubdomains - *out = new(bool) + if in.PseudoIPv4 != nil { + in, out := &in.PseudoIPv4, &out.PseudoIPv4 + *out = new(string) **out = **in } - if in.MaxAge != nil { - in, out := &in.MaxAge, &out.MaxAge - *out = new(float64) + if in.ResponseBuffering != nil { + in, out := &in.ResponseBuffering, &out.ResponseBuffering + *out = new(string) **out = **in } - if in.Nosniff != nil { - in, out := &in.Nosniff, &out.Nosniff - *out = new(bool) + if in.RocketLoader != nil { + in, out := &in.RocketLoader, &out.RocketLoader + *out = new(string) **out = **in } - if in.Preload != nil { - in, out := &in.Preload, &out.Preload - *out = new(bool) + if in.SSL != nil { + in, out := &in.SSL, &out.SSL + *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityHeaderObservation. -func (in *SecurityHeaderObservation) DeepCopy() *SecurityHeaderObservation { - if in == nil { - return nil + if in.SecurityHeader != nil { + in, out := &in.SecurityHeader, &out.SecurityHeader + *out = make([]SettingsSecurityHeaderObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - out := new(SecurityHeaderObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecurityHeaderParameters) DeepCopyInto(out *SecurityHeaderParameters) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityHeaderParameters. -func (in *SecurityHeaderParameters) DeepCopy() *SecurityHeaderParameters { - if in == nil { - return nil + if in.SecurityLevel != nil { + in, out := &in.SecurityLevel, &out.SecurityLevel + *out = new(string) + **out = **in + } + if in.ServerSideExclude != nil { + in, out := &in.ServerSideExclude, &out.ServerSideExclude + *out = new(string) + **out = **in } - out := new(SecurityHeaderParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SettingsMinifyObservation) DeepCopyInto(out *SettingsMinifyObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMinifyObservation. -func (in *SettingsMinifyObservation) DeepCopy() *SettingsMinifyObservation { - if in == nil { - return nil + if in.SortQueryStringForCache != nil { + in, out := &in.SortQueryStringForCache, &out.SortQueryStringForCache + *out = new(string) + **out = **in } - out := new(SettingsMinifyObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SettingsMinifyParameters) DeepCopyInto(out *SettingsMinifyParameters) { - *out = *in - if in.CSS != nil { - in, out := &in.CSS, &out.CSS + if in.TLS12Only != nil { + in, out := &in.TLS12Only, &out.TLS12Only *out = new(string) **out = **in } - if in.HTML != nil { - in, out := &in.HTML, &out.HTML + if in.TLS13 != nil { + in, out := &in.TLS13, &out.TLS13 *out = new(string) **out = **in } - if in.Js != nil { - in, out := &in.Js, &out.Js + if in.TLSClientAuth != nil { + in, out := &in.TLSClientAuth, &out.TLSClientAuth *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMinifyParameters. -func (in *SettingsMinifyParameters) DeepCopy() *SettingsMinifyParameters { - if in == nil { - return nil + if in.TrueClientIPHeader != nil { + in, out := &in.TrueClientIPHeader, &out.TrueClientIPHeader + *out = new(string) + **out = **in } - out := new(SettingsMinifyParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SettingsMobileRedirectObservation) DeepCopyInto(out *SettingsMobileRedirectObservation) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMobileRedirectObservation. -func (in *SettingsMobileRedirectObservation) DeepCopy() *SettingsMobileRedirectObservation { - if in == nil { - return nil + if in.UniversalSSL != nil { + in, out := &in.UniversalSSL, &out.UniversalSSL + *out = new(string) + **out = **in } - out := new(SettingsMobileRedirectObservation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SettingsMobileRedirectParameters) DeepCopyInto(out *SettingsMobileRedirectParameters) { - *out = *in - if in.MobileSubdomain != nil { - in, out := &in.MobileSubdomain, &out.MobileSubdomain + if in.VisitorIP != nil { + in, out := &in.VisitorIP, &out.VisitorIP *out = new(string) **out = **in } - if in.Status != nil { - in, out := &in.Status, &out.Status + if in.Waf != nil { + in, out := &in.Waf, &out.Waf *out = new(string) **out = **in } - if in.StripURI != nil { - in, out := &in.StripURI, &out.StripURI - *out = new(bool) + if in.Webp != nil { + in, out := &in.Webp, &out.Webp + *out = new(string) **out = **in } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsMobileRedirectParameters. -func (in *SettingsMobileRedirectParameters) DeepCopy() *SettingsMobileRedirectParameters { - if in == nil { - return nil + if in.Websockets != nil { + in, out := &in.Websockets, &out.Websockets + *out = new(string) + **out = **in + } + if in.ZeroRtt != nil { + in, out := &in.ZeroRtt, &out.ZeroRtt + *out = new(string) + **out = **in } - out := new(SettingsMobileRedirectParameters) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SettingsObservation) DeepCopyInto(out *SettingsObservation) { - *out = *in } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsObservation. @@ -2024,6 +3777,43 @@ func (in *SettingsOverride) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SettingsOverrideInitParameters) DeepCopyInto(out *SettingsOverrideInitParameters) { + *out = *in + if in.Settings != nil { + in, out := &in.Settings, &out.Settings + *out = make([]SettingsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsOverrideInitParameters. +func (in *SettingsOverrideInitParameters) DeepCopy() *SettingsOverrideInitParameters { + if in == nil { + return nil + } + out := new(SettingsOverrideInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SettingsOverrideList) DeepCopyInto(out *SettingsOverrideList) { *out = *in @@ -2087,6 +3877,18 @@ func (in *SettingsOverrideObservation) DeepCopyInto(out *SettingsOverrideObserva } } } + if in.Settings != nil { + in, out := &in.Settings, &out.Settings + *out = make([]SettingsObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } if in.ZoneStatus != nil { in, out := &in.ZoneStatus, &out.ZoneStatus *out = new(string) @@ -2151,6 +3953,7 @@ func (in *SettingsOverrideSpec) DeepCopyInto(out *SettingsOverrideSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsOverrideSpec. @@ -2482,9 +4285,74 @@ func (in *SettingsParameters) DeepCopy() *SettingsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SettingsSecurityHeaderInitParameters) DeepCopyInto(out *SettingsSecurityHeaderInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.IncludeSubdomains != nil { + in, out := &in.IncludeSubdomains, &out.IncludeSubdomains + *out = new(bool) + **out = **in + } + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } + if in.Nosniff != nil { + in, out := &in.Nosniff, &out.Nosniff + *out = new(bool) + **out = **in + } + if in.Preload != nil { + in, out := &in.Preload, &out.Preload + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsSecurityHeaderInitParameters. +func (in *SettingsSecurityHeaderInitParameters) DeepCopy() *SettingsSecurityHeaderInitParameters { + if in == nil { + return nil + } + out := new(SettingsSecurityHeaderInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SettingsSecurityHeaderObservation) DeepCopyInto(out *SettingsSecurityHeaderObservation) { *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.IncludeSubdomains != nil { + in, out := &in.IncludeSubdomains, &out.IncludeSubdomains + *out = new(bool) + **out = **in + } + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(float64) + **out = **in + } + if in.Nosniff != nil { + in, out := &in.Nosniff, &out.Nosniff + *out = new(bool) + **out = **in + } + if in.Preload != nil { + in, out := &in.Preload, &out.Preload + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SettingsSecurityHeaderObservation. @@ -2564,6 +4432,41 @@ func (in *TieredCache) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TieredCacheInitParameters) DeepCopyInto(out *TieredCacheInitParameters) { + *out = *in + if in.CacheType != nil { + in, out := &in.CacheType, &out.CacheType + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TieredCacheInitParameters. +func (in *TieredCacheInitParameters) DeepCopy() *TieredCacheInitParameters { + if in == nil { + return nil + } + out := new(TieredCacheInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TieredCacheList) DeepCopyInto(out *TieredCacheList) { *out = *in @@ -2599,11 +4502,21 @@ func (in *TieredCacheList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TieredCacheObservation) DeepCopyInto(out *TieredCacheObservation) { *out = *in + if in.CacheType != nil { + in, out := &in.CacheType, &out.CacheType + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TieredCacheObservation. @@ -2656,6 +4569,7 @@ func (in *TieredCacheSpec) DeepCopyInto(out *TieredCacheSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TieredCacheSpec. @@ -2712,6 +4626,46 @@ func (in *TotalTLS) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TotalTLSInitParameters) DeepCopyInto(out *TotalTLSInitParameters) { + *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TotalTLSInitParameters. +func (in *TotalTLSInitParameters) DeepCopy() *TotalTLSInitParameters { + if in == nil { + return nil + } + out := new(TotalTLSInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TotalTLSList) DeepCopyInto(out *TotalTLSList) { *out = *in @@ -2747,11 +4701,26 @@ func (in *TotalTLSList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TotalTLSObservation) DeepCopyInto(out *TotalTLSObservation) { *out = *in + if in.CertificateAuthority != nil { + in, out := &in.CertificateAuthority, &out.CertificateAuthority + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TotalTLSObservation. @@ -2809,6 +4778,7 @@ func (in *TotalTLSSpec) DeepCopyInto(out *TotalTLSSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TotalTLSSpec. @@ -2865,6 +4835,46 @@ func (in *URLNormalizationSettings) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *URLNormalizationSettingsInitParameters) DeepCopyInto(out *URLNormalizationSettingsInitParameters) { + *out = *in + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLNormalizationSettingsInitParameters. +func (in *URLNormalizationSettingsInitParameters) DeepCopy() *URLNormalizationSettingsInitParameters { + if in == nil { + return nil + } + out := new(URLNormalizationSettingsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *URLNormalizationSettingsList) DeepCopyInto(out *URLNormalizationSettingsList) { *out = *in @@ -2905,6 +4915,21 @@ func (in *URLNormalizationSettingsObservation) DeepCopyInto(out *URLNormalizatio *out = new(string) **out = **in } + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLNormalizationSettingsObservation. @@ -2962,6 +4987,7 @@ func (in *URLNormalizationSettingsSpec) DeepCopyInto(out *URLNormalizationSettin *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLNormalizationSettingsSpec. @@ -3018,6 +5044,58 @@ func (in *UserAgentBlockingRule) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserAgentBlockingRuleInitParameters) DeepCopyInto(out *UserAgentBlockingRuleInitParameters) { + *out = *in + if in.Configuration != nil { + in, out := &in.Configuration, &out.Configuration + *out = make([]ConfigurationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } + if in.ZoneIDRef != nil { + in, out := &in.ZoneIDRef, &out.ZoneIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.ZoneIDSelector != nil { + in, out := &in.ZoneIDSelector, &out.ZoneIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserAgentBlockingRuleInitParameters. +func (in *UserAgentBlockingRuleInitParameters) DeepCopy() *UserAgentBlockingRuleInitParameters { + if in == nil { + return nil + } + out := new(UserAgentBlockingRuleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserAgentBlockingRuleList) DeepCopyInto(out *UserAgentBlockingRuleList) { *out = *in @@ -3053,11 +5131,38 @@ func (in *UserAgentBlockingRuleList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserAgentBlockingRuleObservation) DeepCopyInto(out *UserAgentBlockingRuleObservation) { *out = *in + if in.Configuration != nil { + in, out := &in.Configuration, &out.Configuration + *out = make([]ConfigurationObservation, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.ZoneID != nil { + in, out := &in.ZoneID, &out.ZoneID + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserAgentBlockingRuleObservation. @@ -3127,6 +5232,7 @@ func (in *UserAgentBlockingRuleSpec) DeepCopyInto(out *UserAgentBlockingRuleSpec *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserAgentBlockingRuleSpec. @@ -3183,6 +5289,61 @@ func (in *Zone) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ZoneInitParameters) DeepCopyInto(out *ZoneInitParameters) { + *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } + if in.AccountIDRef != nil { + in, out := &in.AccountIDRef, &out.AccountIDRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.AccountIDSelector != nil { + in, out := &in.AccountIDSelector, &out.AccountIDSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.JumpStart != nil { + in, out := &in.JumpStart, &out.JumpStart + *out = new(bool) + **out = **in + } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Plan != nil { + in, out := &in.Plan, &out.Plan + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.Zone != nil { + in, out := &in.Zone, &out.Zone + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZoneInitParameters. +func (in *ZoneInitParameters) DeepCopy() *ZoneInitParameters { + if in == nil { + return nil + } + out := new(ZoneInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZoneList) DeepCopyInto(out *ZoneList) { *out = *in @@ -3218,11 +5379,21 @@ func (in *ZoneList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZoneObservation) DeepCopyInto(out *ZoneObservation) { *out = *in + if in.AccountID != nil { + in, out := &in.AccountID, &out.AccountID + *out = new(string) + **out = **in + } if in.ID != nil { in, out := &in.ID, &out.ID *out = new(string) **out = **in } + if in.JumpStart != nil { + in, out := &in.JumpStart, &out.JumpStart + *out = new(bool) + **out = **in + } if in.Meta != nil { in, out := &in.Meta, &out.Meta *out = make(map[string]*bool, len(*in)) @@ -3231,7 +5402,8 @@ func (in *ZoneObservation) DeepCopyInto(out *ZoneObservation) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = new(bool) **out = **in } @@ -3249,11 +5421,26 @@ func (in *ZoneObservation) DeepCopyInto(out *ZoneObservation) { } } } + if in.Paused != nil { + in, out := &in.Paused, &out.Paused + *out = new(bool) + **out = **in + } + if in.Plan != nil { + in, out := &in.Plan, &out.Plan + *out = new(string) + **out = **in + } if in.Status != nil { in, out := &in.Status, &out.Status *out = new(string) **out = **in } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } if in.VanityNameServers != nil { in, out := &in.VanityNameServers, &out.VanityNameServers *out = make([]*string, len(*in)) @@ -3270,6 +5457,11 @@ func (in *ZoneObservation) DeepCopyInto(out *ZoneObservation) { *out = new(string) **out = **in } + if in.Zone != nil { + in, out := &in.Zone, &out.Zone + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZoneObservation. @@ -3342,6 +5534,7 @@ func (in *ZoneSpec) DeepCopyInto(out *ZoneSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZoneSpec. diff --git a/apis/zone/v1alpha1/zz_generated.managed.go b/apis/zone/v1alpha1/zz_generated.managed.go index 8aa74b6..c998cc0 100644 --- a/apis/zone/v1alpha1/zz_generated.managed.go +++ b/apis/zone/v1alpha1/zz_generated.managed.go @@ -17,19 +17,16 @@ func (mg *DNSSEC) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this DNSSEC. +func (mg *DNSSEC) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this DNSSEC. func (mg *DNSSEC) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this DNSSEC. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *DNSSEC) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this DNSSEC. func (mg *DNSSEC) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -50,19 +47,16 @@ func (mg *DNSSEC) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this DNSSEC. +func (mg *DNSSEC) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this DNSSEC. func (mg *DNSSEC) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this DNSSEC. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *DNSSEC) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this DNSSEC. func (mg *DNSSEC) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -83,19 +77,16 @@ func (mg *Healthcheck) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Healthcheck. +func (mg *Healthcheck) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Healthcheck. func (mg *Healthcheck) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Healthcheck. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Healthcheck) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Healthcheck. func (mg *Healthcheck) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -116,19 +107,16 @@ func (mg *Healthcheck) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Healthcheck. +func (mg *Healthcheck) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Healthcheck. func (mg *Healthcheck) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Healthcheck. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Healthcheck) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Healthcheck. func (mg *Healthcheck) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -149,19 +137,16 @@ func (mg *LogpullRetention) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this LogpullRetention. +func (mg *LogpullRetention) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this LogpullRetention. func (mg *LogpullRetention) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this LogpullRetention. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *LogpullRetention) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this LogpullRetention. func (mg *LogpullRetention) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -182,19 +167,16 @@ func (mg *LogpullRetention) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this LogpullRetention. +func (mg *LogpullRetention) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this LogpullRetention. func (mg *LogpullRetention) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this LogpullRetention. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *LogpullRetention) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this LogpullRetention. func (mg *LogpullRetention) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -215,19 +197,16 @@ func (mg *ManagedHeaders) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this ManagedHeaders. +func (mg *ManagedHeaders) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this ManagedHeaders. func (mg *ManagedHeaders) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this ManagedHeaders. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *ManagedHeaders) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this ManagedHeaders. func (mg *ManagedHeaders) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -248,19 +227,16 @@ func (mg *ManagedHeaders) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this ManagedHeaders. +func (mg *ManagedHeaders) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this ManagedHeaders. func (mg *ManagedHeaders) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this ManagedHeaders. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *ManagedHeaders) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this ManagedHeaders. func (mg *ManagedHeaders) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -281,19 +257,16 @@ func (mg *RateLimit) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this RateLimit. +func (mg *RateLimit) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this RateLimit. func (mg *RateLimit) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this RateLimit. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *RateLimit) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this RateLimit. func (mg *RateLimit) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -314,19 +287,16 @@ func (mg *RateLimit) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this RateLimit. +func (mg *RateLimit) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this RateLimit. func (mg *RateLimit) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this RateLimit. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *RateLimit) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this RateLimit. func (mg *RateLimit) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -347,19 +317,16 @@ func (mg *SettingsOverride) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this SettingsOverride. +func (mg *SettingsOverride) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this SettingsOverride. func (mg *SettingsOverride) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this SettingsOverride. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *SettingsOverride) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this SettingsOverride. func (mg *SettingsOverride) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -380,19 +347,16 @@ func (mg *SettingsOverride) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this SettingsOverride. +func (mg *SettingsOverride) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this SettingsOverride. func (mg *SettingsOverride) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this SettingsOverride. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *SettingsOverride) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this SettingsOverride. func (mg *SettingsOverride) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -413,19 +377,16 @@ func (mg *TieredCache) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this TieredCache. +func (mg *TieredCache) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this TieredCache. func (mg *TieredCache) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this TieredCache. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *TieredCache) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this TieredCache. func (mg *TieredCache) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -446,19 +407,16 @@ func (mg *TieredCache) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this TieredCache. +func (mg *TieredCache) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this TieredCache. func (mg *TieredCache) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this TieredCache. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *TieredCache) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this TieredCache. func (mg *TieredCache) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -479,19 +437,16 @@ func (mg *TotalTLS) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this TotalTLS. +func (mg *TotalTLS) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this TotalTLS. func (mg *TotalTLS) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this TotalTLS. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *TotalTLS) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this TotalTLS. func (mg *TotalTLS) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -512,19 +467,16 @@ func (mg *TotalTLS) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this TotalTLS. +func (mg *TotalTLS) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this TotalTLS. func (mg *TotalTLS) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this TotalTLS. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *TotalTLS) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this TotalTLS. func (mg *TotalTLS) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -545,19 +497,16 @@ func (mg *URLNormalizationSettings) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this URLNormalizationSettings. +func (mg *URLNormalizationSettings) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this URLNormalizationSettings. func (mg *URLNormalizationSettings) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this URLNormalizationSettings. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *URLNormalizationSettings) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this URLNormalizationSettings. func (mg *URLNormalizationSettings) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -578,19 +527,16 @@ func (mg *URLNormalizationSettings) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this URLNormalizationSettings. +func (mg *URLNormalizationSettings) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this URLNormalizationSettings. func (mg *URLNormalizationSettings) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this URLNormalizationSettings. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *URLNormalizationSettings) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this URLNormalizationSettings. func (mg *URLNormalizationSettings) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -611,19 +557,16 @@ func (mg *UserAgentBlockingRule) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this UserAgentBlockingRule. +func (mg *UserAgentBlockingRule) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this UserAgentBlockingRule. func (mg *UserAgentBlockingRule) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this UserAgentBlockingRule. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *UserAgentBlockingRule) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this UserAgentBlockingRule. func (mg *UserAgentBlockingRule) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -644,19 +587,16 @@ func (mg *UserAgentBlockingRule) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this UserAgentBlockingRule. +func (mg *UserAgentBlockingRule) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this UserAgentBlockingRule. func (mg *UserAgentBlockingRule) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this UserAgentBlockingRule. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *UserAgentBlockingRule) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this UserAgentBlockingRule. func (mg *UserAgentBlockingRule) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r @@ -677,19 +617,16 @@ func (mg *Zone) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } +// GetManagementPolicies of this Zone. +func (mg *Zone) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies +} + // GetProviderConfigReference of this Zone. func (mg *Zone) GetProviderConfigReference() *xpv1.Reference { return mg.Spec.ProviderConfigReference } -/* -GetProviderReference of this Zone. -Deprecated: Use GetProviderConfigReference. -*/ -func (mg *Zone) GetProviderReference() *xpv1.Reference { - return mg.Spec.ProviderReference -} - // GetPublishConnectionDetailsTo of this Zone. func (mg *Zone) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { return mg.Spec.PublishConnectionDetailsTo @@ -710,19 +647,16 @@ func (mg *Zone) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } +// SetManagementPolicies of this Zone. +func (mg *Zone) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r +} + // SetProviderConfigReference of this Zone. func (mg *Zone) SetProviderConfigReference(r *xpv1.Reference) { mg.Spec.ProviderConfigReference = r } -/* -SetProviderReference of this Zone. -Deprecated: Use SetProviderConfigReference. -*/ -func (mg *Zone) SetProviderReference(r *xpv1.Reference) { - mg.Spec.ProviderReference = r -} - // SetPublishConnectionDetailsTo of this Zone. func (mg *Zone) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { mg.Spec.PublishConnectionDetailsTo = r diff --git a/apis/zone/v1alpha1/zz_generated.resolvers.go b/apis/zone/v1alpha1/zz_generated.resolvers.go index e61d496..77a57bb 100644 --- a/apis/zone/v1alpha1/zz_generated.resolvers.go +++ b/apis/zone/v1alpha1/zz_generated.resolvers.go @@ -36,6 +36,22 @@ func (mg *DNSSEC) ResolveReferences(ctx context.Context, c client.Reader) error mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -62,6 +78,22 @@ func (mg *Healthcheck) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -88,6 +120,22 @@ func (mg *LogpullRetention) ResolveReferences(ctx context.Context, c client.Read mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -114,6 +162,22 @@ func (mg *ManagedHeaders) ResolveReferences(ctx context.Context, c client.Reader mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -140,6 +204,22 @@ func (mg *RateLimit) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -166,6 +246,22 @@ func (mg *SettingsOverride) ResolveReferences(ctx context.Context, c client.Read mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -192,6 +288,22 @@ func (mg *TieredCache) ResolveReferences(ctx context.Context, c client.Reader) e mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -218,6 +330,22 @@ func (mg *TotalTLS) ResolveReferences(ctx context.Context, c client.Reader) erro mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -244,6 +372,22 @@ func (mg *URLNormalizationSettings) ResolveReferences(ctx context.Context, c cli mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -270,6 +414,22 @@ func (mg *UserAgentBlockingRule) ResolveReferences(ctx context.Context, c client mg.Spec.ForProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ZoneIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.ZoneID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.ZoneIDRef, + Selector: mg.Spec.InitProvider.ZoneIDSelector, + To: reference.To{ + List: &ZoneList{}, + Managed: &Zone{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ZoneID") + } + mg.Spec.InitProvider.ZoneID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.ZoneIDRef = rsp.ResolvedReference + return nil } @@ -296,5 +456,21 @@ func (mg *Zone) ResolveReferences(ctx context.Context, c client.Reader) error { mg.Spec.ForProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.AccountIDRef = rsp.ResolvedReference + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.InitProvider.AccountID), + Extract: reference.ExternalName(), + Reference: mg.Spec.InitProvider.AccountIDRef, + Selector: mg.Spec.InitProvider.AccountIDSelector, + To: reference.To{ + List: &v1alpha1.AccountList{}, + Managed: &v1alpha1.Account{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.AccountID") + } + mg.Spec.InitProvider.AccountID = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.InitProvider.AccountIDRef = rsp.ResolvedReference + return nil } diff --git a/apis/zone/v1alpha1/zz_generated_terraformed.go b/apis/zone/v1alpha1/zz_generated_terraformed.go deleted file mode 100755 index e9ed61a..0000000 --- a/apis/zone/v1alpha1/zz_generated_terraformed.go +++ /dev/null @@ -1,828 +0,0 @@ -/* -Copyright 2022 Upbound Inc. -*/ - -// Code generated by upjet. DO NOT EDIT. - -package v1alpha1 - -import ( - "github.com/pkg/errors" - - "github.com/upbound/upjet/pkg/resource" - "github.com/upbound/upjet/pkg/resource/json" -) - -// GetTerraformResourceType returns Terraform resource type for this Healthcheck -func (mg *Healthcheck) GetTerraformResourceType() string { - return "cloudflare_healthcheck" -} - -// GetConnectionDetailsMapping for this Healthcheck -func (tr *Healthcheck) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Healthcheck -func (tr *Healthcheck) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Healthcheck -func (tr *Healthcheck) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Healthcheck -func (tr *Healthcheck) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Healthcheck -func (tr *Healthcheck) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Healthcheck -func (tr *Healthcheck) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Healthcheck using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Healthcheck) LateInitialize(attrs []byte) (bool, error) { - params := &HealthcheckParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Healthcheck) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this LogpullRetention -func (mg *LogpullRetention) GetTerraformResourceType() string { - return "cloudflare_logpull_retention" -} - -// GetConnectionDetailsMapping for this LogpullRetention -func (tr *LogpullRetention) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this LogpullRetention -func (tr *LogpullRetention) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this LogpullRetention -func (tr *LogpullRetention) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this LogpullRetention -func (tr *LogpullRetention) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this LogpullRetention -func (tr *LogpullRetention) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this LogpullRetention -func (tr *LogpullRetention) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this LogpullRetention using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *LogpullRetention) LateInitialize(attrs []byte) (bool, error) { - params := &LogpullRetentionParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *LogpullRetention) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this ManagedHeaders -func (mg *ManagedHeaders) GetTerraformResourceType() string { - return "cloudflare_managed_headers" -} - -// GetConnectionDetailsMapping for this ManagedHeaders -func (tr *ManagedHeaders) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this ManagedHeaders -func (tr *ManagedHeaders) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this ManagedHeaders -func (tr *ManagedHeaders) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this ManagedHeaders -func (tr *ManagedHeaders) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this ManagedHeaders -func (tr *ManagedHeaders) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this ManagedHeaders -func (tr *ManagedHeaders) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this ManagedHeaders using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *ManagedHeaders) LateInitialize(attrs []byte) (bool, error) { - params := &ManagedHeadersParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *ManagedHeaders) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this RateLimit -func (mg *RateLimit) GetTerraformResourceType() string { - return "cloudflare_rate_limit" -} - -// GetConnectionDetailsMapping for this RateLimit -func (tr *RateLimit) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this RateLimit -func (tr *RateLimit) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this RateLimit -func (tr *RateLimit) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this RateLimit -func (tr *RateLimit) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this RateLimit -func (tr *RateLimit) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this RateLimit -func (tr *RateLimit) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this RateLimit using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *RateLimit) LateInitialize(attrs []byte) (bool, error) { - params := &RateLimitParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *RateLimit) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this TieredCache -func (mg *TieredCache) GetTerraformResourceType() string { - return "cloudflare_tiered_cache" -} - -// GetConnectionDetailsMapping for this TieredCache -func (tr *TieredCache) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this TieredCache -func (tr *TieredCache) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this TieredCache -func (tr *TieredCache) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this TieredCache -func (tr *TieredCache) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this TieredCache -func (tr *TieredCache) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this TieredCache -func (tr *TieredCache) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this TieredCache using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *TieredCache) LateInitialize(attrs []byte) (bool, error) { - params := &TieredCacheParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *TieredCache) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this TotalTLS -func (mg *TotalTLS) GetTerraformResourceType() string { - return "cloudflare_total_tls" -} - -// GetConnectionDetailsMapping for this TotalTLS -func (tr *TotalTLS) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this TotalTLS -func (tr *TotalTLS) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this TotalTLS -func (tr *TotalTLS) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this TotalTLS -func (tr *TotalTLS) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this TotalTLS -func (tr *TotalTLS) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this TotalTLS -func (tr *TotalTLS) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this TotalTLS using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *TotalTLS) LateInitialize(attrs []byte) (bool, error) { - params := &TotalTLSParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *TotalTLS) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this URLNormalizationSettings -func (mg *URLNormalizationSettings) GetTerraformResourceType() string { - return "cloudflare_url_normalization_settings" -} - -// GetConnectionDetailsMapping for this URLNormalizationSettings -func (tr *URLNormalizationSettings) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this URLNormalizationSettings -func (tr *URLNormalizationSettings) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this URLNormalizationSettings -func (tr *URLNormalizationSettings) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this URLNormalizationSettings -func (tr *URLNormalizationSettings) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this URLNormalizationSettings -func (tr *URLNormalizationSettings) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this URLNormalizationSettings -func (tr *URLNormalizationSettings) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this URLNormalizationSettings using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *URLNormalizationSettings) LateInitialize(attrs []byte) (bool, error) { - params := &URLNormalizationSettingsParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *URLNormalizationSettings) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this UserAgentBlockingRule -func (mg *UserAgentBlockingRule) GetTerraformResourceType() string { - return "cloudflare_user_agent_blocking_rule" -} - -// GetConnectionDetailsMapping for this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this UserAgentBlockingRule -func (tr *UserAgentBlockingRule) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this UserAgentBlockingRule using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *UserAgentBlockingRule) LateInitialize(attrs []byte) (bool, error) { - params := &UserAgentBlockingRuleParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *UserAgentBlockingRule) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this Zone -func (mg *Zone) GetTerraformResourceType() string { - return "cloudflare_zone" -} - -// GetConnectionDetailsMapping for this Zone -func (tr *Zone) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this Zone -func (tr *Zone) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this Zone -func (tr *Zone) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this Zone -func (tr *Zone) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this Zone -func (tr *Zone) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this Zone -func (tr *Zone) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this Zone using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *Zone) LateInitialize(attrs []byte) (bool, error) { - params := &ZoneParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *Zone) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this DNSSEC -func (mg *DNSSEC) GetTerraformResourceType() string { - return "cloudflare_zone_dnssec" -} - -// GetConnectionDetailsMapping for this DNSSEC -func (tr *DNSSEC) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this DNSSEC -func (tr *DNSSEC) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this DNSSEC -func (tr *DNSSEC) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this DNSSEC -func (tr *DNSSEC) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this DNSSEC -func (tr *DNSSEC) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this DNSSEC -func (tr *DNSSEC) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this DNSSEC using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *DNSSEC) LateInitialize(attrs []byte) (bool, error) { - params := &DNSSECParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *DNSSEC) GetTerraformSchemaVersion() int { - return 0 -} - -// GetTerraformResourceType returns Terraform resource type for this SettingsOverride -func (mg *SettingsOverride) GetTerraformResourceType() string { - return "cloudflare_zone_settings_override" -} - -// GetConnectionDetailsMapping for this SettingsOverride -func (tr *SettingsOverride) GetConnectionDetailsMapping() map[string]string { - return nil -} - -// GetObservation of this SettingsOverride -func (tr *SettingsOverride) GetObservation() (map[string]any, error) { - o, err := json.TFParser.Marshal(tr.Status.AtProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(o, &base) -} - -// SetObservation for this SettingsOverride -func (tr *SettingsOverride) SetObservation(obs map[string]any) error { - p, err := json.TFParser.Marshal(obs) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) -} - -// GetID returns ID of underlying Terraform resource of this SettingsOverride -func (tr *SettingsOverride) GetID() string { - if tr.Status.AtProvider.ID == nil { - return "" - } - return *tr.Status.AtProvider.ID -} - -// GetParameters of this SettingsOverride -func (tr *SettingsOverride) GetParameters() (map[string]any, error) { - p, err := json.TFParser.Marshal(tr.Spec.ForProvider) - if err != nil { - return nil, err - } - base := map[string]any{} - return base, json.TFParser.Unmarshal(p, &base) -} - -// SetParameters for this SettingsOverride -func (tr *SettingsOverride) SetParameters(params map[string]any) error { - p, err := json.TFParser.Marshal(params) - if err != nil { - return err - } - return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) -} - -// LateInitialize this SettingsOverride using its observed tfState. -// returns True if there are any spec changes for the resource. -func (tr *SettingsOverride) LateInitialize(attrs []byte) (bool, error) { - params := &SettingsOverrideParameters{} - if err := json.TFParser.Unmarshal(attrs, params); err != nil { - return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") - } - opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} - - li := resource.NewGenericLateInitializer(opts...) - return li.LateInitialize(&tr.Spec.ForProvider, params) -} - -// GetTerraformSchemaVersion returns the associated Terraform schema version -func (tr *SettingsOverride) GetTerraformSchemaVersion() int { - return 0 -} diff --git a/apis/zone/v1alpha1/zz_groupversion_info.go b/apis/zone/v1alpha1/zz_groupversion_info.go index f1154be..3ac2cc1 100755 --- a/apis/zone/v1alpha1/zz_groupversion_info.go +++ b/apis/zone/v1alpha1/zz_groupversion_info.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/apis/zone/v1alpha1/zz_healthcheck_terraformed.go b/apis/zone/v1alpha1/zz_healthcheck_terraformed.go new file mode 100755 index 0000000..45eeeff --- /dev/null +++ b/apis/zone/v1alpha1/zz_healthcheck_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Healthcheck +func (mg *Healthcheck) GetTerraformResourceType() string { + return "cloudflare_healthcheck" +} + +// GetConnectionDetailsMapping for this Healthcheck +func (tr *Healthcheck) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Healthcheck +func (tr *Healthcheck) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Healthcheck +func (tr *Healthcheck) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Healthcheck +func (tr *Healthcheck) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Healthcheck +func (tr *Healthcheck) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Healthcheck +func (tr *Healthcheck) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Healthcheck +func (tr *Healthcheck) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Healthcheck +func (tr *Healthcheck) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Healthcheck using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Healthcheck) LateInitialize(attrs []byte) (bool, error) { + params := &HealthcheckParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Healthcheck) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_healthcheck_types.go b/apis/zone/v1alpha1/zz_healthcheck_types.go index 0e746b3..07e1705 100755 --- a/apis/zone/v1alpha1/zz_healthcheck_types.go +++ b/apis/zone/v1alpha1/zz_healthcheck_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,109 +17,328 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type HeaderInitParameters struct { + + // Agent header cannot be overridden. (see below for nested schema) + // The header name. + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // (Set of String) A list of string values for the header. + // A list of string values for the header. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` +} + type HeaderObservation struct { + + // Agent header cannot be overridden. (see below for nested schema) + // The header name. + Header *string `json:"header,omitempty" tf:"header,omitempty"` + + // (Set of String) A list of string values for the header. + // A list of string values for the header. + // +listType=set + Values []*string `json:"values,omitempty" tf:"values,omitempty"` } type HeaderParameters struct { + // Agent header cannot be overridden. (see below for nested schema) // The header name. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Header *string `json:"header" tf:"header,omitempty"` + // (Set of String) A list of string values for the header. // A list of string values for the header. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional + // +listType=set Values []*string `json:"values" tf:"values,omitempty"` } +type HealthcheckInitParameters struct { + + // (String) The hostname or IP address of the origin server to run health checks on. + // The hostname or IP address of the origin server to run health checks on. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + // Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. + AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + + // (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. + // A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. + CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + + // (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + // The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. + ConsecutiveFails *float64 `json:"consecutiveFails,omitempty" tf:"consecutive_fails,omitempty"` + + // (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + // The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. + ConsecutiveSuccesses *float64 `json:"consecutiveSuccesses,omitempty" tf:"consecutive_successes,omitempty"` + + // readable description of the health check. + // A human-readable description of the health check. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + // A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + + // (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + // The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + ExpectedCodes []*string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + + // (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + // Follow redirects if the origin returns a 3xx status code. Defaults to `false`. + FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + + // Agent header cannot be overridden. (see below for nested schema) + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. + Header []HeaderInitParameters `json:"header,omitempty" tf:"header,omitempty"` + + // (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + // The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. + Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + + // (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. + // The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + // A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The endpoint path to health check against. Defaults to /. + // The endpoint path to health check against. Defaults to `/`. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Number) Port number to connect to for the health check. Defaults to 80. + // Port number to connect to for the health check. Defaults to `80`. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + // (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. + Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + + // (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + // If suspended, no health checks are sent to the origin. Defaults to `false`. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + // The timeout (in seconds) before marking the health check as failed. Defaults to `5`. + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + + // (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. + // The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type HealthcheckObservation struct { + // (String) The hostname or IP address of the origin server to run health checks on. + // The hostname or IP address of the origin server to run health checks on. + Address *string `json:"address,omitempty" tf:"address,omitempty"` + + // (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + // Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. + AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + + // (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. + // A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. + CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + + // (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + // The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. + ConsecutiveFails *float64 `json:"consecutiveFails,omitempty" tf:"consecutive_fails,omitempty"` + + // (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + // The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. + ConsecutiveSuccesses *float64 `json:"consecutiveSuccesses,omitempty" tf:"consecutive_successes,omitempty"` + + // (String) Creation time. // Creation time. CreatedOn *string `json:"createdOn,omitempty" tf:"created_on,omitempty"` + // readable description of the health check. + // A human-readable description of the health check. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + // A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + + // (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + // The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + ExpectedCodes []*string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + + // (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + // Follow redirects if the origin returns a 3xx status code. Defaults to `false`. + FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + + // Agent header cannot be overridden. (see below for nested schema) + // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. + Header []HeaderObservation `json:"header,omitempty" tf:"header,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + // The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. + Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + + // (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. + // The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. + Method *string `json:"method,omitempty" tf:"method,omitempty"` + + // (String) Last modified time. // Last modified time. ModifiedOn *string `json:"modifiedOn,omitempty" tf:"modified_on,omitempty"` + + // (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + // A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // (String) The endpoint path to health check against. Defaults to /. + // The endpoint path to health check against. Defaults to `/`. + Path *string `json:"path,omitempty" tf:"path,omitempty"` + + // (Number) Port number to connect to for the health check. Defaults to 80. + // Port number to connect to for the health check. Defaults to `80`. + Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + + // (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. + Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + + // (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + // If suspended, no health checks are sent to the origin. Defaults to `false`. + Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + + // (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + // The timeout (in seconds) before marking the health check as failed. Defaults to `5`. + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + + // (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. + // The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type HealthcheckParameters struct { + // (String) The hostname or IP address of the origin server to run health checks on. // The hostname or IP address of the origin server to run health checks on. - // +kubebuilder:validation:Required - Address *string `json:"address" tf:"address,omitempty"` + // +kubebuilder:validation:Optional + Address *string `json:"address,omitempty" tf:"address,omitempty"` + // (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. // Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. // +kubebuilder:validation:Optional AllowInsecure *bool `json:"allowInsecure,omitempty" tf:"allow_insecure,omitempty"` + // (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. // A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. // +kubebuilder:validation:Optional CheckRegions []*string `json:"checkRegions,omitempty" tf:"check_regions,omitempty"` + // (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. // The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. // +kubebuilder:validation:Optional ConsecutiveFails *float64 `json:"consecutiveFails,omitempty" tf:"consecutive_fails,omitempty"` + // (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. // The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. // +kubebuilder:validation:Optional ConsecutiveSuccesses *float64 `json:"consecutiveSuccesses,omitempty" tf:"consecutive_successes,omitempty"` + // readable description of the health check. // A human-readable description of the health check. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. // A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. // +kubebuilder:validation:Optional ExpectedBody *string `json:"expectedBody,omitempty" tf:"expected_body,omitempty"` + // (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. // The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. // +kubebuilder:validation:Optional ExpectedCodes []*string `json:"expectedCodes,omitempty" tf:"expected_codes,omitempty"` + // (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. // Follow redirects if the origin returns a 3xx status code. Defaults to `false`. // +kubebuilder:validation:Optional FollowRedirects *bool `json:"followRedirects,omitempty" tf:"follow_redirects,omitempty"` + // Agent header cannot be overridden. (see below for nested schema) // The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. // +kubebuilder:validation:Optional Header []HeaderParameters `json:"header,omitempty" tf:"header,omitempty"` + // (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. // The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. // +kubebuilder:validation:Optional Interval *float64 `json:"interval,omitempty" tf:"interval,omitempty"` + // (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. // The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. // +kubebuilder:validation:Optional Method *string `json:"method,omitempty" tf:"method,omitempty"` + // (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. // A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` + // (String) The endpoint path to health check against. Defaults to /. // The endpoint path to health check against. Defaults to `/`. // +kubebuilder:validation:Optional Path *string `json:"path,omitempty" tf:"path,omitempty"` + // (Number) Port number to connect to for the health check. Defaults to 80. // Port number to connect to for the health check. Defaults to `80`. // +kubebuilder:validation:Optional Port *float64 `json:"port,omitempty" tf:"port,omitempty"` + // (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. // The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. // +kubebuilder:validation:Optional Retries *float64 `json:"retries,omitempty" tf:"retries,omitempty"` + // (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. // If suspended, no health checks are sent to the origin. Defaults to `false`. // +kubebuilder:validation:Optional Suspended *bool `json:"suspended,omitempty" tf:"suspended,omitempty"` + // (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. // The timeout (in seconds) before marking the health check as failed. Defaults to `5`. // +kubebuilder:validation:Optional Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` + // (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. // The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -134,6 +357,17 @@ type HealthcheckParameters struct { type HealthcheckSpec struct { v1.ResourceSpec `json:",inline"` ForProvider HealthcheckParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider HealthcheckInitParameters `json:"initProvider,omitempty"` } // HealthcheckStatus defines the observed state of Healthcheck. @@ -143,19 +377,23 @@ type HealthcheckStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Healthcheck is the Schema for the Healthchecks API. +// Healthcheck is the Schema for the Healthchecks API. Standalone Health Checks provide a way to monitor origin servers without needing a Cloudflare Load Balancer. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Healthcheck struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec HealthcheckSpec `json:"spec"` - Status HealthcheckStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.address) || (has(self.initProvider) && has(self.initProvider.address))",message="spec.forProvider.address is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec HealthcheckSpec `json:"spec"` + Status HealthcheckStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_logpullretention_terraformed.go b/apis/zone/v1alpha1/zz_logpullretention_terraformed.go new file mode 100755 index 0000000..94ff30f --- /dev/null +++ b/apis/zone/v1alpha1/zz_logpullretention_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this LogpullRetention +func (mg *LogpullRetention) GetTerraformResourceType() string { + return "cloudflare_logpull_retention" +} + +// GetConnectionDetailsMapping for this LogpullRetention +func (tr *LogpullRetention) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this LogpullRetention +func (tr *LogpullRetention) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this LogpullRetention +func (tr *LogpullRetention) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this LogpullRetention +func (tr *LogpullRetention) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this LogpullRetention +func (tr *LogpullRetention) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this LogpullRetention +func (tr *LogpullRetention) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this LogpullRetention +func (tr *LogpullRetention) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this LogpullRetention +func (tr *LogpullRetention) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this LogpullRetention using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *LogpullRetention) LateInitialize(attrs []byte) (bool, error) { + params := &LogpullRetentionParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *LogpullRetention) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_logpullretention_types.go b/apis/zone/v1alpha1/zz_logpullretention_types.go index 4bdacda..9bcc102 100755 --- a/apis/zone/v1alpha1/zz_logpullretention_types.go +++ b/apis/zone/v1alpha1/zz_logpullretention_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,15 +17,44 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type LogpullRetentionInitParameters struct { + + // Whether you wish to retain logs or not. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The zone ID to apply the log retention to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type LogpullRetentionObservation struct { + + // Whether you wish to retain logs or not. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The zone ID to apply the log retention to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type LogpullRetentionParameters struct { - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // Whether you wish to retain logs or not. + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // The zone ID to apply the log retention to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -40,6 +73,17 @@ type LogpullRetentionParameters struct { type LogpullRetentionSpec struct { v1.ResourceSpec `json:",inline"` ForProvider LogpullRetentionParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider LogpullRetentionInitParameters `json:"initProvider,omitempty"` } // LogpullRetentionStatus defines the observed state of LogpullRetention. @@ -49,19 +93,21 @@ type LogpullRetentionStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// LogpullRetention is the Schema for the LogpullRetentions API. +// LogpullRetention is the Schema for the LogpullRetentions API. Allows management of the Logpull Retention settings used to control whether or not to retain HTTP request logs. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type LogpullRetention struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec LogpullRetentionSpec `json:"spec"` - Status LogpullRetentionStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + Spec LogpullRetentionSpec `json:"spec"` + Status LogpullRetentionStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_managedheaders_terraformed.go b/apis/zone/v1alpha1/zz_managedheaders_terraformed.go new file mode 100755 index 0000000..9695ae9 --- /dev/null +++ b/apis/zone/v1alpha1/zz_managedheaders_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this ManagedHeaders +func (mg *ManagedHeaders) GetTerraformResourceType() string { + return "cloudflare_managed_headers" +} + +// GetConnectionDetailsMapping for this ManagedHeaders +func (tr *ManagedHeaders) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this ManagedHeaders +func (tr *ManagedHeaders) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this ManagedHeaders +func (tr *ManagedHeaders) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this ManagedHeaders +func (tr *ManagedHeaders) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this ManagedHeaders +func (tr *ManagedHeaders) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this ManagedHeaders +func (tr *ManagedHeaders) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this ManagedHeaders +func (tr *ManagedHeaders) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this ManagedHeaders +func (tr *ManagedHeaders) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this ManagedHeaders using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *ManagedHeaders) LateInitialize(attrs []byte) (bool, error) { + params := &ManagedHeadersParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *ManagedHeaders) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_managedheaders_types.go b/apis/zone/v1alpha1/zz_managedheaders_types.go index 59b9212..8ccd3b9 100755 --- a/apis/zone/v1alpha1/zz_managedheaders_types.go +++ b/apis/zone/v1alpha1/zz_managedheaders_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ManagedHeadersInitParameters struct { + + // (Block Set) The list of managed request headers. (see below for nested schema) + // The list of managed request headers. + ManagedRequestHeaders []ManagedRequestHeadersInitParameters `json:"managedRequestHeaders,omitempty" tf:"managed_request_headers,omitempty"` + + // (Block Set) The list of managed response headers. (see below for nested schema) + // The list of managed response headers. + ManagedResponseHeaders []ManagedResponseHeadersInitParameters `json:"managedResponseHeaders,omitempty" tf:"managed_response_headers,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type ManagedHeadersObservation struct { + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (Block Set) The list of managed request headers. (see below for nested schema) + // The list of managed request headers. + ManagedRequestHeaders []ManagedRequestHeadersObservation `json:"managedRequestHeaders,omitempty" tf:"managed_request_headers,omitempty"` + + // (Block Set) The list of managed response headers. (see below for nested schema) + // The list of managed response headers. + ManagedResponseHeaders []ManagedResponseHeadersObservation `json:"managedResponseHeaders,omitempty" tf:"managed_response_headers,omitempty"` + + // (String) The zone identifier to target for the resource. + // The zone identifier to target for the resource. + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type ManagedHeadersParameters struct { + // (Block Set) The list of managed request headers. (see below for nested schema) // The list of managed request headers. // +kubebuilder:validation:Optional ManagedRequestHeaders []ManagedRequestHeadersParameters `json:"managedRequestHeaders,omitempty" tf:"managed_request_headers,omitempty"` + // (Block Set) The list of managed response headers. (see below for nested schema) // The list of managed response headers. // +kubebuilder:validation:Optional ManagedResponseHeaders []ManagedResponseHeadersParameters `json:"managedResponseHeaders,omitempty" tf:"managed_response_headers,omitempty"` + // (String) The zone identifier to target for the resource. // The zone identifier to target for the resource. // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -41,31 +86,73 @@ type ManagedHeadersParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type ManagedRequestHeadersInitParameters struct { + + // (Boolean) Whether the headers rule is active. + // Whether the headers rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique headers rule identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` +} + type ManagedRequestHeadersObservation struct { + + // (Boolean) Whether the headers rule is active. + // Whether the headers rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique headers rule identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` } type ManagedRequestHeadersParameters struct { + // (Boolean) Whether the headers rule is active. // Whether the headers rule is active. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // (String) The ID of this resource. // Unique headers rule identifier. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional ID *string `json:"id" tf:"id,omitempty"` } +type ManagedResponseHeadersInitParameters struct { + + // (Boolean) Whether the headers rule is active. + // Whether the headers rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique headers rule identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` +} + type ManagedResponseHeadersObservation struct { + + // (Boolean) Whether the headers rule is active. + // Whether the headers rule is active. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. + // Unique headers rule identifier. + ID *string `json:"id,omitempty" tf:"id,omitempty"` } type ManagedResponseHeadersParameters struct { + // (Boolean) Whether the headers rule is active. // Whether the headers rule is active. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // (String) The ID of this resource. // Unique headers rule identifier. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional ID *string `json:"id" tf:"id,omitempty"` } @@ -73,6 +160,17 @@ type ManagedResponseHeadersParameters struct { type ManagedHeadersSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ManagedHeadersParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ManagedHeadersInitParameters `json:"initProvider,omitempty"` } // ManagedHeadersStatus defines the observed state of ManagedHeaders. @@ -82,13 +180,14 @@ type ManagedHeadersStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// ManagedHeaders is the Schema for the ManagedHeaderss API. +// ManagedHeaders is the Schema for the ManagedHeaderss API. The Cloudflare Managed Headers https://developers.cloudflare.com/rules/transform/managed-transforms/ allows you to add or remove some predefined headers to one's requests or origin responses. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type ManagedHeaders struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/zone/v1alpha1/zz_ratelimit_terraformed.go b/apis/zone/v1alpha1/zz_ratelimit_terraformed.go new file mode 100755 index 0000000..d47f56d --- /dev/null +++ b/apis/zone/v1alpha1/zz_ratelimit_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this RateLimit +func (mg *RateLimit) GetTerraformResourceType() string { + return "cloudflare_rate_limit" +} + +// GetConnectionDetailsMapping for this RateLimit +func (tr *RateLimit) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this RateLimit +func (tr *RateLimit) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this RateLimit +func (tr *RateLimit) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this RateLimit +func (tr *RateLimit) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this RateLimit +func (tr *RateLimit) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this RateLimit +func (tr *RateLimit) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this RateLimit +func (tr *RateLimit) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this RateLimit +func (tr *RateLimit) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this RateLimit using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *RateLimit) LateInitialize(attrs []byte) (bool, error) { + params := &RateLimitParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *RateLimit) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_ratelimit_types.go b/apis/zone/v1alpha1/zz_ratelimit_types.go index 1f831f9..7c5265d 100755 --- a/apis/zone/v1alpha1/zz_ratelimit_types.go +++ b/apis/zone/v1alpha1/zz_ratelimit_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,88 +17,250 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ActionInitParameters struct { + + // The type of action to perform. Allowable values are 'simulate', 'ban', 'challenge', 'js_challenge' and 'managed_challenge'. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. + Response []ResponseInitParameters `json:"response,omitempty" tf:"response,omitempty"` + + // The time in seconds as an integer to perform the mitigation action. This field is required if the mode is either simulate or ban. Must be the same or greater than the period (min: 1, max: 86400). + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` +} + type ActionObservation struct { + + // The type of action to perform. Allowable values are 'simulate', 'ban', 'challenge', 'js_challenge' and 'managed_challenge'. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. + Response []ResponseObservation `json:"response,omitempty" tf:"response,omitempty"` + + // The time in seconds as an integer to perform the mitigation action. This field is required if the mode is either simulate or ban. Must be the same or greater than the period (min: 1, max: 86400). + Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` } type ActionParameters struct { - // +kubebuilder:validation:Required + // The type of action to perform. Allowable values are 'simulate', 'ban', 'challenge', 'js_challenge' and 'managed_challenge'. + // +kubebuilder:validation:Optional Mode *string `json:"mode" tf:"mode,omitempty"` + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. // +kubebuilder:validation:Optional Response []ResponseParameters `json:"response,omitempty" tf:"response,omitempty"` + // The time in seconds as an integer to perform the mitigation action. This field is required if the mode is either simulate or ban. Must be the same or greater than the period (min: 1, max: 86400). // +kubebuilder:validation:Optional Timeout *float64 `json:"timeout,omitempty" tf:"timeout,omitempty"` } +type CorrelateInitParameters struct { + + // If set to 'nat', NAT support will be enabled for rate limiting. + By *string `json:"by,omitempty" tf:"by,omitempty"` +} + type CorrelateObservation struct { + + // If set to 'nat', NAT support will be enabled for rate limiting. + By *string `json:"by,omitempty" tf:"by,omitempty"` } type CorrelateParameters struct { + // If set to 'nat', NAT support will be enabled for rate limiting. // +kubebuilder:validation:Optional By *string `json:"by,omitempty" tf:"by,omitempty"` } +type MatchInitParameters struct { + + // Matches HTTP requests (from the client to Cloudflare). See definition below. + Request []RequestInitParameters `json:"request,omitempty" tf:"request,omitempty"` + + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. + Response []MatchResponseInitParameters `json:"response,omitempty" tf:"response,omitempty"` +} + type MatchObservation struct { + + // Matches HTTP requests (from the client to Cloudflare). See definition below. + Request []RequestObservation `json:"request,omitempty" tf:"request,omitempty"` + + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. + Response []MatchResponseObservation `json:"response,omitempty" tf:"response,omitempty"` } type MatchParameters struct { + // Matches HTTP requests (from the client to Cloudflare). See definition below. // +kubebuilder:validation:Optional Request []RequestParameters `json:"request,omitempty" tf:"request,omitempty"` + // Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. // +kubebuilder:validation:Optional Response []MatchResponseParameters `json:"response,omitempty" tf:"response,omitempty"` } +type MatchResponseInitParameters struct { + + // block is a list of maps with the following attributes: + Headers []map[string]*string `json:"headers,omitempty" tf:"headers,omitempty"` + + // Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default: true. + OriginTraffic *bool `json:"originTraffic,omitempty" tf:"origin_traffic,omitempty"` + + // HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value. + // +listType=set + Statuses []*float64 `json:"statuses,omitempty" tf:"statuses,omitempty"` +} + type MatchResponseObservation struct { + + // block is a list of maps with the following attributes: + Headers []map[string]*string `json:"headers,omitempty" tf:"headers,omitempty"` + + // Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default: true. + OriginTraffic *bool `json:"originTraffic,omitempty" tf:"origin_traffic,omitempty"` + + // HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value. + // +listType=set + Statuses []*float64 `json:"statuses,omitempty" tf:"statuses,omitempty"` } type MatchResponseParameters struct { + // block is a list of maps with the following attributes: // +kubebuilder:validation:Optional Headers []map[string]*string `json:"headers,omitempty" tf:"headers,omitempty"` + // Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default: true. // +kubebuilder:validation:Optional OriginTraffic *bool `json:"originTraffic,omitempty" tf:"origin_traffic,omitempty"` + // HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value. // +kubebuilder:validation:Optional + // +listType=set Statuses []*float64 `json:"statuses,omitempty" tf:"statuses,omitempty"` } +type RateLimitInitParameters struct { + + // The action to be performed when the threshold of matched traffic within the period defined is exceeded. + Action []ActionInitParameters `json:"action,omitempty" tf:"action,omitempty"` + + // URLs matching the patterns specified here will be excluded from rate limiting. + // +listType=set + BypassURLPatterns []*string `json:"bypassUrlPatterns,omitempty" tf:"bypass_url_patterns,omitempty"` + + // Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address. + Correlate []CorrelateInitParameters `json:"correlate,omitempty" tf:"correlate,omitempty"` + + // A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Whether this ratelimit is currently disabled. Default: false. + // Defaults to `false`. + Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + + // Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below. + Match []MatchInitParameters `json:"match,omitempty" tf:"match,omitempty"` + + // The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400). + Period *float64 `json:"period,omitempty" tf:"period,omitempty"` + + // The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000). + Threshold *float64 `json:"threshold,omitempty" tf:"threshold,omitempty"` + + // The DNS zone ID to apply rate limiting to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type RateLimitObservation struct { + + // The action to be performed when the threshold of matched traffic within the period defined is exceeded. + Action []ActionObservation `json:"action,omitempty" tf:"action,omitempty"` + + // URLs matching the patterns specified here will be excluded from rate limiting. + // +listType=set + BypassURLPatterns []*string `json:"bypassUrlPatterns,omitempty" tf:"bypass_url_patterns,omitempty"` + + // Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address. + Correlate []CorrelateObservation `json:"correlate,omitempty" tf:"correlate,omitempty"` + + // A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Whether this ratelimit is currently disabled. Default: false. + // Defaults to `false`. + Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + + // The Rate limit ID. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below. + Match []MatchObservation `json:"match,omitempty" tf:"match,omitempty"` + + // The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400). + Period *float64 `json:"period,omitempty" tf:"period,omitempty"` + + // The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000). + Threshold *float64 `json:"threshold,omitempty" tf:"threshold,omitempty"` + + // The DNS zone ID to apply rate limiting to. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type RateLimitParameters struct { - // +kubebuilder:validation:Required - Action []ActionParameters `json:"action" tf:"action,omitempty"` + // The action to be performed when the threshold of matched traffic within the period defined is exceeded. + // +kubebuilder:validation:Optional + Action []ActionParameters `json:"action,omitempty" tf:"action,omitempty"` + // URLs matching the patterns specified here will be excluded from rate limiting. // +kubebuilder:validation:Optional + // +listType=set BypassURLPatterns []*string `json:"bypassUrlPatterns,omitempty" tf:"bypass_url_patterns,omitempty"` + // Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address. // +kubebuilder:validation:Optional Correlate []CorrelateParameters `json:"correlate,omitempty" tf:"correlate,omitempty"` + // A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` + // Whether this ratelimit is currently disabled. Default: false. // Defaults to `false`. // +kubebuilder:validation:Optional Disabled *bool `json:"disabled,omitempty" tf:"disabled,omitempty"` + // Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below. // +kubebuilder:validation:Optional Match []MatchParameters `json:"match,omitempty" tf:"match,omitempty"` - // +kubebuilder:validation:Required - Period *float64 `json:"period" tf:"period,omitempty"` + // The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400). + // +kubebuilder:validation:Optional + Period *float64 `json:"period,omitempty" tf:"period,omitempty"` - // +kubebuilder:validation:Required - Threshold *float64 `json:"threshold" tf:"threshold,omitempty"` + // The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000). + // +kubebuilder:validation:Optional + Threshold *float64 `json:"threshold,omitempty" tf:"threshold,omitempty"` + // The DNS zone ID to apply rate limiting to. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -109,30 +275,77 @@ type RateLimitParameters struct { ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } +type RequestInitParameters struct { + + // HTTP Methods, can be a subset ['POST','PUT'] or all ['_ALL_']. Default: ['_ALL_']. + // +listType=set + Methods []*string `json:"methods,omitempty" tf:"methods,omitempty"` + + // HTTP Schemes, can be one ['HTTPS'], both ['HTTP','HTTPS'] or all ['_ALL_']. Default: ['_ALL_']. + // +listType=set + Schemes []*string `json:"schemes,omitempty" tf:"schemes,omitempty"` + + // The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone. Default: '_'. + URLPattern *string `json:"urlPattern,omitempty" tf:"url_pattern,omitempty"` +} + type RequestObservation struct { + + // HTTP Methods, can be a subset ['POST','PUT'] or all ['_ALL_']. Default: ['_ALL_']. + // +listType=set + Methods []*string `json:"methods,omitempty" tf:"methods,omitempty"` + + // HTTP Schemes, can be one ['HTTPS'], both ['HTTP','HTTPS'] or all ['_ALL_']. Default: ['_ALL_']. + // +listType=set + Schemes []*string `json:"schemes,omitempty" tf:"schemes,omitempty"` + + // The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone. Default: '_'. + URLPattern *string `json:"urlPattern,omitempty" tf:"url_pattern,omitempty"` } type RequestParameters struct { + // HTTP Methods, can be a subset ['POST','PUT'] or all ['_ALL_']. Default: ['_ALL_']. // +kubebuilder:validation:Optional + // +listType=set Methods []*string `json:"methods,omitempty" tf:"methods,omitempty"` + // HTTP Schemes, can be one ['HTTPS'], both ['HTTP','HTTPS'] or all ['_ALL_']. Default: ['_ALL_']. // +kubebuilder:validation:Optional + // +listType=set Schemes []*string `json:"schemes,omitempty" tf:"schemes,omitempty"` + // The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone. Default: '_'. // +kubebuilder:validation:Optional URLPattern *string `json:"urlPattern,omitempty" tf:"url_pattern,omitempty"` } +type ResponseInitParameters struct { + + // The body to return, the content here should conform to the content_type. + Body *string `json:"body,omitempty" tf:"body,omitempty"` + + // The content-type of the body, must be one of: 'text/plain', 'text/xml', 'application/json'. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` +} + type ResponseObservation struct { + + // The body to return, the content here should conform to the content_type. + Body *string `json:"body,omitempty" tf:"body,omitempty"` + + // The content-type of the body, must be one of: 'text/plain', 'text/xml', 'application/json'. + ContentType *string `json:"contentType,omitempty" tf:"content_type,omitempty"` } type ResponseParameters struct { - // +kubebuilder:validation:Required + // The body to return, the content here should conform to the content_type. + // +kubebuilder:validation:Optional Body *string `json:"body" tf:"body,omitempty"` - // +kubebuilder:validation:Required + // The content-type of the body, must be one of: 'text/plain', 'text/xml', 'application/json'. + // +kubebuilder:validation:Optional ContentType *string `json:"contentType" tf:"content_type,omitempty"` } @@ -140,6 +353,17 @@ type ResponseParameters struct { type RateLimitSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RateLimitParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RateLimitInitParameters `json:"initProvider,omitempty"` } // RateLimitStatus defines the observed state of RateLimit. @@ -149,19 +373,23 @@ type RateLimitStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// RateLimit is the Schema for the RateLimits API. +// RateLimit is the Schema for the RateLimits API. Provides a Cloudflare rate limit resource for a particular zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type RateLimit struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RateLimitSpec `json:"spec"` - Status RateLimitStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.action) || (has(self.initProvider) && has(self.initProvider.action))",message="spec.forProvider.action is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.period) || (has(self.initProvider) && has(self.initProvider.period))",message="spec.forProvider.period is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.threshold) || (has(self.initProvider) && has(self.initProvider.threshold))",message="spec.forProvider.threshold is a required parameter" + Spec RateLimitSpec `json:"spec"` + Status RateLimitStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_settingsoverride_terraformed.go b/apis/zone/v1alpha1/zz_settingsoverride_terraformed.go new file mode 100755 index 0000000..69d6708 --- /dev/null +++ b/apis/zone/v1alpha1/zz_settingsoverride_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this SettingsOverride +func (mg *SettingsOverride) GetTerraformResourceType() string { + return "cloudflare_zone_settings_override" +} + +// GetConnectionDetailsMapping for this SettingsOverride +func (tr *SettingsOverride) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this SettingsOverride +func (tr *SettingsOverride) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this SettingsOverride +func (tr *SettingsOverride) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this SettingsOverride +func (tr *SettingsOverride) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this SettingsOverride +func (tr *SettingsOverride) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this SettingsOverride +func (tr *SettingsOverride) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this SettingsOverride +func (tr *SettingsOverride) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this SettingsOverride +func (tr *SettingsOverride) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this SettingsOverride using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *SettingsOverride) LateInitialize(attrs []byte) (bool, error) { + params := &SettingsOverrideParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *SettingsOverride) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_settingsoverride_types.go b/apis/zone/v1alpha1/zz_settingsoverride_types.go index cb1096a..7cf9202 100755 --- a/apis/zone/v1alpha1/zz_settingsoverride_types.go +++ b/apis/zone/v1alpha1/zz_settingsoverride_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,210 +17,696 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type InitialSettingsInitParameters struct { +} + type InitialSettingsObservation struct { + + // (default: on) AlwaysOnline *string `json:"alwaysOnline,omitempty" tf:"always_online,omitempty"` + // (default: off) AlwaysUseHTTPS *string `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + // (default value depends on the zone's plan level) AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + // (default: off) BinaryAst *string `json:"binaryAst,omitempty" tf:"binary_ast,omitempty"` + // (default: off) Brotli *string `json:"brotli,omitempty" tf:"brotli,omitempty"` + // (default: 14400) BrowserCacheTTL *float64 `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + // (default: on) BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + // Allowed values: "aggressive" (default) - delivers a different resource each time the query string changes, "basic" - delivers resources from cache when there is no query string, "simplified" - delivers the same resource to everyone independent of the query string. CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + // (default: 1800) ChallengeTTL *float64 `json:"challengeTtl,omitempty" tf:"challenge_ttl,omitempty"` + // An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + // Allowed values: "flatten_at_root" (default), "flatten_all", "flatten_none". CnameFlattening *string `json:"cnameFlattening,omitempty" tf:"cname_flattening,omitempty"` + // (default: off) DevelopmentMode *string `json:"developmentMode,omitempty" tf:"development_mode,omitempty"` + // (default: off) EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + // (default: on) EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + // (default: off) FilterLogsToCloudflare *string `json:"filterLogsToCloudflare,omitempty" tf:"filter_logs_to_cloudflare,omitempty"` + // Allowed values: "on", "off" (default), "custom". H2Prioritization *string `json:"h2Prioritization,omitempty" tf:"h2_prioritization,omitempty"` + // (default: off) HotlinkProtection *string `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + // (default: off) Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + // (default: off) Http3 *string `json:"http3,omitempty" tf:"http3,omitempty"` + // (default: on) IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + // (default: off) IPv6 *string `json:"ipv6,omitempty" tf:"ipv6,omitempty"` + // Allowed values: "on", "off" (default), "open". ImageResizing *string `json:"imageResizing,omitempty" tf:"image_resizing,omitempty"` + // (default: off) LogToCloudflare *string `json:"logToCloudflare,omitempty" tf:"log_to_cloudflare,omitempty"` + // (default: 100) MaxUpload *float64 `json:"maxUpload,omitempty" tf:"max_upload,omitempty"` + // Allowed values: "1.0" (default), "1.1", "1.2", "1.3". MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` Minify []MinifyObservation `json:"minify,omitempty" tf:"minify,omitempty"` + // (default: off) Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` MobileRedirect []MobileRedirectObservation `json:"mobileRedirect,omitempty" tf:"mobile_redirect,omitempty"` + // (default value depends on the zone's plan level) OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + // (default: off) OpportunisticOnion *string `json:"opportunisticOnion,omitempty" tf:"opportunistic_onion,omitempty"` + // (default: off) OrangeToOrange *string `json:"orangeToOrange,omitempty" tf:"orange_to_orange,omitempty"` + // (default: off) OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + // Allowed values: "1" (default on Enterprise), "2" (default) OriginMaxHTTPVersion *string `json:"originMaxHttpVersion,omitempty" tf:"origin_max_http_version,omitempty"` + // Allowed values: "off" (default), "lossless", "lossy". Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + // (default: off) PrefetchPreload *string `json:"prefetchPreload,omitempty" tf:"prefetch_preload,omitempty"` + // (default: on) PrivacyPass *string `json:"privacyPass,omitempty" tf:"privacy_pass,omitempty"` + // (default: "100") ProxyReadTimeout *string `json:"proxyReadTimeout,omitempty" tf:"proxy_read_timeout,omitempty"` + // Allowed values: "off" (default), "add_header", "overwrite_header". PseudoIPv4 *string `json:"pseudoIpv4,omitempty" tf:"pseudo_ipv4,omitempty"` + // (default: off) ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + // (default: off) RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + // Allowed values: "off" (default), "flexible", "full", "strict", "origin_pull". SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` SecurityHeader []SecurityHeaderObservation `json:"securityHeader,omitempty" tf:"security_header,omitempty"` + // Allowed values: "off" (Enterprise only), "essentially_off", "low", "medium" (default), "high", "under_attack". SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + // (default: on) ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + // (default: off) SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` TLS12Only *string `json:"tls12Only,omitempty" tf:"tls_1_2_only,omitempty"` + // Allowed values: "off" (default), "on", "zrt". TLS13 *string `json:"tls13,omitempty" tf:"tls_1_3,omitempty"` + // (default: on) TLSClientAuth *string `json:"tlsClientAuth,omitempty" tf:"tls_client_auth,omitempty"` + // (default: off) TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + // (default: on) UniversalSSL *string `json:"universalSsl,omitempty" tf:"universal_ssl,omitempty"` + // (default: off) VisitorIP *string `json:"visitorIp,omitempty" tf:"visitor_ip,omitempty"` + // (default: off) Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` + // (default: off). Note that the value specified will be ignored unless polish is turned on (i.e. is "lossless" or "lossy") Webp *string `json:"webp,omitempty" tf:"webp,omitempty"` + // (default: off) Websockets *string `json:"websockets,omitempty" tf:"websockets,omitempty"` + // (default: off) ZeroRtt *string `json:"zeroRtt,omitempty" tf:"zero_rtt,omitempty"` } type InitialSettingsParameters struct { } +type MinifyInitParameters struct { +} + type MinifyObservation struct { + + // "on"/"off" CSS *string `json:"css,omitempty" tf:"css,omitempty"` + // "on"/"off" HTML *string `json:"html,omitempty" tf:"html,omitempty"` + // "on"/"off" Js *string `json:"js,omitempty" tf:"js,omitempty"` } type MinifyParameters struct { } +type MobileRedirectInitParameters struct { +} + type MobileRedirectObservation struct { + + // String value MobileSubdomain *string `json:"mobileSubdomain,omitempty" tf:"mobile_subdomain,omitempty"` + // "on"/"off" Status *string `json:"status,omitempty" tf:"status,omitempty"` + // true/false StripURI *bool `json:"stripUri,omitempty" tf:"strip_uri,omitempty"` } type MobileRedirectParameters struct { } +type SecurityHeaderInitParameters struct { +} + type SecurityHeaderObservation struct { + + // true/false Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // true/false IncludeSubdomains *bool `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + // Integer MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` + // true/false Nosniff *bool `json:"nosniff,omitempty" tf:"nosniff,omitempty"` + // true/false Preload *bool `json:"preload,omitempty" tf:"preload,omitempty"` } type SecurityHeaderParameters struct { } +type SettingsInitParameters struct { + + // (default: on) + AlwaysOnline *string `json:"alwaysOnline,omitempty" tf:"always_online,omitempty"` + + // (default: off) + AlwaysUseHTTPS *string `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + + // (default value depends on the zone's plan level) + AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // (default: off) + BinaryAst *string `json:"binaryAst,omitempty" tf:"binary_ast,omitempty"` + + // (default: off) + Brotli *string `json:"brotli,omitempty" tf:"brotli,omitempty"` + + // (default: 14400) + BrowserCacheTTL *float64 `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + + // (default: on) + BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + + // Allowed values: "aggressive" (default) - delivers a different resource each time the query string changes, "basic" - delivers resources from cache when there is no query string, "simplified" - delivers the same resource to everyone independent of the query string. + CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + + // (default: 1800) + ChallengeTTL *float64 `json:"challengeTtl,omitempty" tf:"challenge_ttl,omitempty"` + + // An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. + Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + + // Allowed values: "flatten_at_root" (default), "flatten_all", "flatten_none". + CnameFlattening *string `json:"cnameFlattening,omitempty" tf:"cname_flattening,omitempty"` + + // (default: off) + DevelopmentMode *string `json:"developmentMode,omitempty" tf:"development_mode,omitempty"` + + // (default: off) + EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + + // (default: on) + EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // (default: off) + FilterLogsToCloudflare *string `json:"filterLogsToCloudflare,omitempty" tf:"filter_logs_to_cloudflare,omitempty"` + + // Allowed values: "on", "off" (default), "custom". + H2Prioritization *string `json:"h2Prioritization,omitempty" tf:"h2_prioritization,omitempty"` + + // (default: off) + HotlinkProtection *string `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + + // (default: off) + Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + + // (default: off) + Http3 *string `json:"http3,omitempty" tf:"http3,omitempty"` + + // (default: on) + IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + + // (default: off) + IPv6 *string `json:"ipv6,omitempty" tf:"ipv6,omitempty"` + + // Allowed values: "on", "off" (default), "open". + ImageResizing *string `json:"imageResizing,omitempty" tf:"image_resizing,omitempty"` + + // (default: off) + LogToCloudflare *string `json:"logToCloudflare,omitempty" tf:"log_to_cloudflare,omitempty"` + + // (default: 100) + MaxUpload *float64 `json:"maxUpload,omitempty" tf:"max_upload,omitempty"` + + // Allowed values: "1.0" (default), "1.1", "1.2", "1.3". + MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` + + Minify []SettingsMinifyInitParameters `json:"minify,omitempty" tf:"minify,omitempty"` + + // (default: off) + Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` + + MobileRedirect []SettingsMobileRedirectInitParameters `json:"mobileRedirect,omitempty" tf:"mobile_redirect,omitempty"` + + // (default value depends on the zone's plan level) + OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // (default: off) + OpportunisticOnion *string `json:"opportunisticOnion,omitempty" tf:"opportunistic_onion,omitempty"` + + // (default: off) + OrangeToOrange *string `json:"orangeToOrange,omitempty" tf:"orange_to_orange,omitempty"` + + // (default: off) + OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + + // Allowed values: "1" (default on Enterprise), "2" (default) + OriginMaxHTTPVersion *string `json:"originMaxHttpVersion,omitempty" tf:"origin_max_http_version,omitempty"` + + // Allowed values: "off" (default), "lossless", "lossy". + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // (default: off) + PrefetchPreload *string `json:"prefetchPreload,omitempty" tf:"prefetch_preload,omitempty"` + + // (default: on) + PrivacyPass *string `json:"privacyPass,omitempty" tf:"privacy_pass,omitempty"` + + // (default: "100") + ProxyReadTimeout *string `json:"proxyReadTimeout,omitempty" tf:"proxy_read_timeout,omitempty"` + + // Allowed values: "off" (default), "add_header", "overwrite_header". + PseudoIPv4 *string `json:"pseudoIpv4,omitempty" tf:"pseudo_ipv4,omitempty"` + + // (default: off) + ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + + // (default: off) + RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // Allowed values: "off" (default), "flexible", "full", "strict", "origin_pull". + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + SecurityHeader []SettingsSecurityHeaderInitParameters `json:"securityHeader,omitempty" tf:"security_header,omitempty"` + + // Allowed values: "off" (Enterprise only), "essentially_off", "low", "medium" (default), "high", "under_attack". + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // (default: on) + ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + + // (default: off) + SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` + + TLS12Only *string `json:"tls12Only,omitempty" tf:"tls_1_2_only,omitempty"` + + // Allowed values: "off" (default), "on", "zrt". + TLS13 *string `json:"tls13,omitempty" tf:"tls_1_3,omitempty"` + + // (default: on) + TLSClientAuth *string `json:"tlsClientAuth,omitempty" tf:"tls_client_auth,omitempty"` + + // (default: off) + TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + + // (default: on) + UniversalSSL *string `json:"universalSsl,omitempty" tf:"universal_ssl,omitempty"` + + // (default: off) + VisitorIP *string `json:"visitorIp,omitempty" tf:"visitor_ip,omitempty"` + + // (default: off) + Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` + + // (default: off). Note that the value specified will be ignored unless polish is turned on (i.e. is "lossless" or "lossy") + Webp *string `json:"webp,omitempty" tf:"webp,omitempty"` + + // (default: off) + Websockets *string `json:"websockets,omitempty" tf:"websockets,omitempty"` + + // (default: off) + ZeroRtt *string `json:"zeroRtt,omitempty" tf:"zero_rtt,omitempty"` +} + +type SettingsMinifyInitParameters struct { + + // "on"/"off" + CSS *string `json:"css,omitempty" tf:"css,omitempty"` + + // "on"/"off" + HTML *string `json:"html,omitempty" tf:"html,omitempty"` + + // "on"/"off" + Js *string `json:"js,omitempty" tf:"js,omitempty"` +} + type SettingsMinifyObservation struct { + + // "on"/"off" + CSS *string `json:"css,omitempty" tf:"css,omitempty"` + + // "on"/"off" + HTML *string `json:"html,omitempty" tf:"html,omitempty"` + + // "on"/"off" + Js *string `json:"js,omitempty" tf:"js,omitempty"` } type SettingsMinifyParameters struct { - // +kubebuilder:validation:Required + // "on"/"off" + // +kubebuilder:validation:Optional CSS *string `json:"css" tf:"css,omitempty"` - // +kubebuilder:validation:Required + // "on"/"off" + // +kubebuilder:validation:Optional HTML *string `json:"html" tf:"html,omitempty"` - // +kubebuilder:validation:Required + // "on"/"off" + // +kubebuilder:validation:Optional Js *string `json:"js" tf:"js,omitempty"` } +type SettingsMobileRedirectInitParameters struct { + + // String value + MobileSubdomain *string `json:"mobileSubdomain,omitempty" tf:"mobile_subdomain,omitempty"` + + // "on"/"off" + Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // true/false + StripURI *bool `json:"stripUri,omitempty" tf:"strip_uri,omitempty"` +} + type SettingsMobileRedirectObservation struct { + + // String value + MobileSubdomain *string `json:"mobileSubdomain,omitempty" tf:"mobile_subdomain,omitempty"` + + // "on"/"off" + Status *string `json:"status,omitempty" tf:"status,omitempty"` + + // true/false + StripURI *bool `json:"stripUri,omitempty" tf:"strip_uri,omitempty"` } type SettingsMobileRedirectParameters struct { - // +kubebuilder:validation:Required + // String value + // +kubebuilder:validation:Optional MobileSubdomain *string `json:"mobileSubdomain" tf:"mobile_subdomain,omitempty"` - // +kubebuilder:validation:Required + // "on"/"off" + // +kubebuilder:validation:Optional Status *string `json:"status" tf:"status,omitempty"` - // +kubebuilder:validation:Required + // true/false + // +kubebuilder:validation:Optional StripURI *bool `json:"stripUri" tf:"strip_uri,omitempty"` } type SettingsObservation struct { + + // (default: on) + AlwaysOnline *string `json:"alwaysOnline,omitempty" tf:"always_online,omitempty"` + + // (default: off) + AlwaysUseHTTPS *string `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + + // (default value depends on the zone's plan level) + AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + + // (default: off) + BinaryAst *string `json:"binaryAst,omitempty" tf:"binary_ast,omitempty"` + + // (default: off) + Brotli *string `json:"brotli,omitempty" tf:"brotli,omitempty"` + + // (default: 14400) + BrowserCacheTTL *float64 `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + + // (default: on) + BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + + // Allowed values: "aggressive" (default) - delivers a different resource each time the query string changes, "basic" - delivers resources from cache when there is no query string, "simplified" - delivers the same resource to everyone independent of the query string. + CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + + // (default: 1800) + ChallengeTTL *float64 `json:"challengeTtl,omitempty" tf:"challenge_ttl,omitempty"` + + // An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. + Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + + // Allowed values: "flatten_at_root" (default), "flatten_all", "flatten_none". + CnameFlattening *string `json:"cnameFlattening,omitempty" tf:"cname_flattening,omitempty"` + + // (default: off) + DevelopmentMode *string `json:"developmentMode,omitempty" tf:"development_mode,omitempty"` + + // (default: off) + EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + + // (default: on) + EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + + // (default: off) + FilterLogsToCloudflare *string `json:"filterLogsToCloudflare,omitempty" tf:"filter_logs_to_cloudflare,omitempty"` + + // Allowed values: "on", "off" (default), "custom". + H2Prioritization *string `json:"h2Prioritization,omitempty" tf:"h2_prioritization,omitempty"` + + // (default: off) + HotlinkProtection *string `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + + // (default: off) + Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + + // (default: off) + Http3 *string `json:"http3,omitempty" tf:"http3,omitempty"` + + // (default: on) + IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + + // (default: off) + IPv6 *string `json:"ipv6,omitempty" tf:"ipv6,omitempty"` + + // Allowed values: "on", "off" (default), "open". + ImageResizing *string `json:"imageResizing,omitempty" tf:"image_resizing,omitempty"` + + // (default: off) + LogToCloudflare *string `json:"logToCloudflare,omitempty" tf:"log_to_cloudflare,omitempty"` + + // (default: 100) + MaxUpload *float64 `json:"maxUpload,omitempty" tf:"max_upload,omitempty"` + + // Allowed values: "1.0" (default), "1.1", "1.2", "1.3". + MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` + + Minify []SettingsMinifyObservation `json:"minify,omitempty" tf:"minify,omitempty"` + + // (default: off) + Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` + + MobileRedirect []SettingsMobileRedirectObservation `json:"mobileRedirect,omitempty" tf:"mobile_redirect,omitempty"` + + // (default value depends on the zone's plan level) + OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + + // (default: off) + OpportunisticOnion *string `json:"opportunisticOnion,omitempty" tf:"opportunistic_onion,omitempty"` + + // (default: off) + OrangeToOrange *string `json:"orangeToOrange,omitempty" tf:"orange_to_orange,omitempty"` + + // (default: off) + OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + + // Allowed values: "1" (default on Enterprise), "2" (default) + OriginMaxHTTPVersion *string `json:"originMaxHttpVersion,omitempty" tf:"origin_max_http_version,omitempty"` + + // Allowed values: "off" (default), "lossless", "lossy". + Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + + // (default: off) + PrefetchPreload *string `json:"prefetchPreload,omitempty" tf:"prefetch_preload,omitempty"` + + // (default: on) + PrivacyPass *string `json:"privacyPass,omitempty" tf:"privacy_pass,omitempty"` + + // (default: "100") + ProxyReadTimeout *string `json:"proxyReadTimeout,omitempty" tf:"proxy_read_timeout,omitempty"` + + // Allowed values: "off" (default), "add_header", "overwrite_header". + PseudoIPv4 *string `json:"pseudoIpv4,omitempty" tf:"pseudo_ipv4,omitempty"` + + // (default: off) + ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + + // (default: off) + RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + + // Allowed values: "off" (default), "flexible", "full", "strict", "origin_pull". + SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` + + SecurityHeader []SettingsSecurityHeaderObservation `json:"securityHeader,omitempty" tf:"security_header,omitempty"` + + // Allowed values: "off" (Enterprise only), "essentially_off", "low", "medium" (default), "high", "under_attack". + SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + + // (default: on) + ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + + // (default: off) + SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` + + TLS12Only *string `json:"tls12Only,omitempty" tf:"tls_1_2_only,omitempty"` + + // Allowed values: "off" (default), "on", "zrt". + TLS13 *string `json:"tls13,omitempty" tf:"tls_1_3,omitempty"` + + // (default: on) + TLSClientAuth *string `json:"tlsClientAuth,omitempty" tf:"tls_client_auth,omitempty"` + + // (default: off) + TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + + // (default: on) + UniversalSSL *string `json:"universalSsl,omitempty" tf:"universal_ssl,omitempty"` + + // (default: off) + VisitorIP *string `json:"visitorIp,omitempty" tf:"visitor_ip,omitempty"` + + // (default: off) + Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` + + // (default: off). Note that the value specified will be ignored unless polish is turned on (i.e. is "lossless" or "lossy") + Webp *string `json:"webp,omitempty" tf:"webp,omitempty"` + + // (default: off) + Websockets *string `json:"websockets,omitempty" tf:"websockets,omitempty"` + + // (default: off) + ZeroRtt *string `json:"zeroRtt,omitempty" tf:"zero_rtt,omitempty"` +} + +type SettingsOverrideInitParameters struct { + + // Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below. + Settings []SettingsInitParameters `json:"settings,omitempty" tf:"settings,omitempty"` + + // The DNS zone ID to which apply settings. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` } type SettingsOverrideObservation struct { + + // The zone ID. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // Settings present in the zone at the time the resource is created. This will be used to restore the original settings when this resource is destroyed. Shares the same schema as the settings attribute (Above). InitialSettings []InitialSettingsObservation `json:"initialSettings,omitempty" tf:"initial_settings,omitempty"` + // Time when this resource was created and the initial_settings were set. InitialSettingsReadAt *string `json:"initialSettingsReadAt,omitempty" tf:"initial_settings_read_at,omitempty"` + // Which of the current settings are not able to be set by the user. Which settings these are is determined by plan level and user permissions. ReadonlySettings []*string `json:"readonlySettings,omitempty" tf:"readonly_settings,omitempty"` + // Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below. + Settings []SettingsObservation `json:"settings,omitempty" tf:"settings,omitempty"` + + // The DNS zone ID to which apply settings. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // hosted zone or a CNAME setup. ZoneStatus *string `json:"zoneStatus,omitempty" tf:"zone_status,omitempty"` + // . Status of the zone. Valid values: active, pending, initializing, moved, deleted, deactivated. ZoneType *string `json:"zoneType,omitempty" tf:"zone_type,omitempty"` } type SettingsOverrideParameters struct { + // Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below. // +kubebuilder:validation:Optional Settings []SettingsParameters `json:"settings,omitempty" tf:"settings,omitempty"` + // The DNS zone ID to which apply settings. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -233,189 +723,278 @@ type SettingsOverrideParameters struct { type SettingsParameters struct { + // (default: on) // +kubebuilder:validation:Optional AlwaysOnline *string `json:"alwaysOnline,omitempty" tf:"always_online,omitempty"` + // (default: off) // +kubebuilder:validation:Optional AlwaysUseHTTPS *string `json:"alwaysUseHttps,omitempty" tf:"always_use_https,omitempty"` + // (default value depends on the zone's plan level) // +kubebuilder:validation:Optional AutomaticHTTPSRewrites *string `json:"automaticHttpsRewrites,omitempty" tf:"automatic_https_rewrites,omitempty"` + // (default: off) // +kubebuilder:validation:Optional BinaryAst *string `json:"binaryAst,omitempty" tf:"binary_ast,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Brotli *string `json:"brotli,omitempty" tf:"brotli,omitempty"` + // (default: 14400) // +kubebuilder:validation:Optional BrowserCacheTTL *float64 `json:"browserCacheTtl,omitempty" tf:"browser_cache_ttl,omitempty"` + // (default: on) // +kubebuilder:validation:Optional BrowserCheck *string `json:"browserCheck,omitempty" tf:"browser_check,omitempty"` + // Allowed values: "aggressive" (default) - delivers a different resource each time the query string changes, "basic" - delivers resources from cache when there is no query string, "simplified" - delivers the same resource to everyone independent of the query string. // +kubebuilder:validation:Optional CacheLevel *string `json:"cacheLevel,omitempty" tf:"cache_level,omitempty"` + // (default: 1800) // +kubebuilder:validation:Optional ChallengeTTL *float64 `json:"challengeTtl,omitempty" tf:"challenge_ttl,omitempty"` + // An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. // +kubebuilder:validation:Optional Ciphers []*string `json:"ciphers,omitempty" tf:"ciphers,omitempty"` + // Allowed values: "flatten_at_root" (default), "flatten_all", "flatten_none". // +kubebuilder:validation:Optional CnameFlattening *string `json:"cnameFlattening,omitempty" tf:"cname_flattening,omitempty"` + // (default: off) // +kubebuilder:validation:Optional DevelopmentMode *string `json:"developmentMode,omitempty" tf:"development_mode,omitempty"` + // (default: off) // +kubebuilder:validation:Optional EarlyHints *string `json:"earlyHints,omitempty" tf:"early_hints,omitempty"` + // (default: on) // +kubebuilder:validation:Optional EmailObfuscation *string `json:"emailObfuscation,omitempty" tf:"email_obfuscation,omitempty"` + // (default: off) // +kubebuilder:validation:Optional FilterLogsToCloudflare *string `json:"filterLogsToCloudflare,omitempty" tf:"filter_logs_to_cloudflare,omitempty"` + // Allowed values: "on", "off" (default), "custom". // +kubebuilder:validation:Optional H2Prioritization *string `json:"h2Prioritization,omitempty" tf:"h2_prioritization,omitempty"` + // (default: off) // +kubebuilder:validation:Optional HotlinkProtection *string `json:"hotlinkProtection,omitempty" tf:"hotlink_protection,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Http2 *string `json:"http2,omitempty" tf:"http2,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Http3 *string `json:"http3,omitempty" tf:"http3,omitempty"` + // (default: on) // +kubebuilder:validation:Optional IPGeolocation *string `json:"ipGeolocation,omitempty" tf:"ip_geolocation,omitempty"` + // (default: off) // +kubebuilder:validation:Optional IPv6 *string `json:"ipv6,omitempty" tf:"ipv6,omitempty"` + // Allowed values: "on", "off" (default), "open". // +kubebuilder:validation:Optional ImageResizing *string `json:"imageResizing,omitempty" tf:"image_resizing,omitempty"` + // (default: off) // +kubebuilder:validation:Optional LogToCloudflare *string `json:"logToCloudflare,omitempty" tf:"log_to_cloudflare,omitempty"` + // (default: 100) // +kubebuilder:validation:Optional MaxUpload *float64 `json:"maxUpload,omitempty" tf:"max_upload,omitempty"` + // Allowed values: "1.0" (default), "1.1", "1.2", "1.3". // +kubebuilder:validation:Optional MinTLSVersion *string `json:"minTlsVersion,omitempty" tf:"min_tls_version,omitempty"` // +kubebuilder:validation:Optional Minify []SettingsMinifyParameters `json:"minify,omitempty" tf:"minify,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Mirage *string `json:"mirage,omitempty" tf:"mirage,omitempty"` // +kubebuilder:validation:Optional MobileRedirect []SettingsMobileRedirectParameters `json:"mobileRedirect,omitempty" tf:"mobile_redirect,omitempty"` + // (default value depends on the zone's plan level) // +kubebuilder:validation:Optional OpportunisticEncryption *string `json:"opportunisticEncryption,omitempty" tf:"opportunistic_encryption,omitempty"` + // (default: off) // +kubebuilder:validation:Optional OpportunisticOnion *string `json:"opportunisticOnion,omitempty" tf:"opportunistic_onion,omitempty"` + // (default: off) // +kubebuilder:validation:Optional OrangeToOrange *string `json:"orangeToOrange,omitempty" tf:"orange_to_orange,omitempty"` + // (default: off) // +kubebuilder:validation:Optional OriginErrorPagePassThru *string `json:"originErrorPagePassThru,omitempty" tf:"origin_error_page_pass_thru,omitempty"` + // Allowed values: "1" (default on Enterprise), "2" (default) // +kubebuilder:validation:Optional OriginMaxHTTPVersion *string `json:"originMaxHttpVersion,omitempty" tf:"origin_max_http_version,omitempty"` + // Allowed values: "off" (default), "lossless", "lossy". // +kubebuilder:validation:Optional Polish *string `json:"polish,omitempty" tf:"polish,omitempty"` + // (default: off) // +kubebuilder:validation:Optional PrefetchPreload *string `json:"prefetchPreload,omitempty" tf:"prefetch_preload,omitempty"` + // (default: on) // +kubebuilder:validation:Optional PrivacyPass *string `json:"privacyPass,omitempty" tf:"privacy_pass,omitempty"` + // (default: "100") // +kubebuilder:validation:Optional ProxyReadTimeout *string `json:"proxyReadTimeout,omitempty" tf:"proxy_read_timeout,omitempty"` + // Allowed values: "off" (default), "add_header", "overwrite_header". // +kubebuilder:validation:Optional PseudoIPv4 *string `json:"pseudoIpv4,omitempty" tf:"pseudo_ipv4,omitempty"` + // (default: off) // +kubebuilder:validation:Optional ResponseBuffering *string `json:"responseBuffering,omitempty" tf:"response_buffering,omitempty"` + // (default: off) // +kubebuilder:validation:Optional RocketLoader *string `json:"rocketLoader,omitempty" tf:"rocket_loader,omitempty"` + // Allowed values: "off" (default), "flexible", "full", "strict", "origin_pull". // +kubebuilder:validation:Optional SSL *string `json:"ssl,omitempty" tf:"ssl,omitempty"` // +kubebuilder:validation:Optional SecurityHeader []SettingsSecurityHeaderParameters `json:"securityHeader,omitempty" tf:"security_header,omitempty"` + // Allowed values: "off" (Enterprise only), "essentially_off", "low", "medium" (default), "high", "under_attack". // +kubebuilder:validation:Optional SecurityLevel *string `json:"securityLevel,omitempty" tf:"security_level,omitempty"` + // (default: on) // +kubebuilder:validation:Optional ServerSideExclude *string `json:"serverSideExclude,omitempty" tf:"server_side_exclude,omitempty"` + // (default: off) // +kubebuilder:validation:Optional SortQueryStringForCache *string `json:"sortQueryStringForCache,omitempty" tf:"sort_query_string_for_cache,omitempty"` // +kubebuilder:validation:Optional TLS12Only *string `json:"tls12Only,omitempty" tf:"tls_1_2_only,omitempty"` + // Allowed values: "off" (default), "on", "zrt". // +kubebuilder:validation:Optional TLS13 *string `json:"tls13,omitempty" tf:"tls_1_3,omitempty"` + // (default: on) // +kubebuilder:validation:Optional TLSClientAuth *string `json:"tlsClientAuth,omitempty" tf:"tls_client_auth,omitempty"` + // (default: off) // +kubebuilder:validation:Optional TrueClientIPHeader *string `json:"trueClientIpHeader,omitempty" tf:"true_client_ip_header,omitempty"` + // (default: on) // +kubebuilder:validation:Optional UniversalSSL *string `json:"universalSsl,omitempty" tf:"universal_ssl,omitempty"` + // (default: off) // +kubebuilder:validation:Optional VisitorIP *string `json:"visitorIp,omitempty" tf:"visitor_ip,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Waf *string `json:"waf,omitempty" tf:"waf,omitempty"` + // (default: off). Note that the value specified will be ignored unless polish is turned on (i.e. is "lossless" or "lossy") // +kubebuilder:validation:Optional Webp *string `json:"webp,omitempty" tf:"webp,omitempty"` + // (default: off) // +kubebuilder:validation:Optional Websockets *string `json:"websockets,omitempty" tf:"websockets,omitempty"` + // (default: off) // +kubebuilder:validation:Optional ZeroRtt *string `json:"zeroRtt,omitempty" tf:"zero_rtt,omitempty"` } +type SettingsSecurityHeaderInitParameters struct { + + // true/false + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // true/false + IncludeSubdomains *bool `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + + // Integer + MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` + + // true/false + Nosniff *bool `json:"nosniff,omitempty" tf:"nosniff,omitempty"` + + // true/false + Preload *bool `json:"preload,omitempty" tf:"preload,omitempty"` +} + type SettingsSecurityHeaderObservation struct { + + // true/false + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // true/false + IncludeSubdomains *bool `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + + // Integer + MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` + + // true/false + Nosniff *bool `json:"nosniff,omitempty" tf:"nosniff,omitempty"` + + // true/false + Preload *bool `json:"preload,omitempty" tf:"preload,omitempty"` } type SettingsSecurityHeaderParameters struct { + // true/false // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // true/false // +kubebuilder:validation:Optional IncludeSubdomains *bool `json:"includeSubdomains,omitempty" tf:"include_subdomains,omitempty"` + // Integer // +kubebuilder:validation:Optional MaxAge *float64 `json:"maxAge,omitempty" tf:"max_age,omitempty"` + // true/false // +kubebuilder:validation:Optional Nosniff *bool `json:"nosniff,omitempty" tf:"nosniff,omitempty"` + // true/false // +kubebuilder:validation:Optional Preload *bool `json:"preload,omitempty" tf:"preload,omitempty"` } @@ -424,6 +1003,17 @@ type SettingsSecurityHeaderParameters struct { type SettingsOverrideSpec struct { v1.ResourceSpec `json:",inline"` ForProvider SettingsOverrideParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider SettingsOverrideInitParameters `json:"initProvider,omitempty"` } // SettingsOverrideStatus defines the observed state of SettingsOverride. @@ -433,13 +1023,14 @@ type SettingsOverrideStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// SettingsOverride is the Schema for the SettingsOverrides API. +// SettingsOverride is the Schema for the SettingsOverrides API. Provides a resource which customizes Cloudflare zone settings. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type SettingsOverride struct { metav1.TypeMeta `json:",inline"` diff --git a/apis/zone/v1alpha1/zz_tieredcache_terraformed.go b/apis/zone/v1alpha1/zz_tieredcache_terraformed.go new file mode 100755 index 0000000..5d63da2 --- /dev/null +++ b/apis/zone/v1alpha1/zz_tieredcache_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this TieredCache +func (mg *TieredCache) GetTerraformResourceType() string { + return "cloudflare_tiered_cache" +} + +// GetConnectionDetailsMapping for this TieredCache +func (tr *TieredCache) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this TieredCache +func (tr *TieredCache) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this TieredCache +func (tr *TieredCache) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this TieredCache +func (tr *TieredCache) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this TieredCache +func (tr *TieredCache) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this TieredCache +func (tr *TieredCache) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this TieredCache +func (tr *TieredCache) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this TieredCache +func (tr *TieredCache) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this TieredCache using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *TieredCache) LateInitialize(attrs []byte) (bool, error) { + params := &TieredCacheParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *TieredCache) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_tieredcache_types.go b/apis/zone/v1alpha1/zz_tieredcache_types.go index 6e56b5d..68dbd3c 100755 --- a/apis/zone/v1alpha1/zz_tieredcache_types.go +++ b/apis/zone/v1alpha1/zz_tieredcache_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,16 +17,48 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TieredCacheInitParameters struct { + + // (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. + // The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. + CacheType *string `json:"cacheType,omitempty" tf:"cache_type,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type TieredCacheObservation struct { + + // (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. + // The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. + CacheType *string `json:"cacheType,omitempty" tf:"cache_type,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type TieredCacheParameters struct { + // (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. // The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. - // +kubebuilder:validation:Required - CacheType *string `json:"cacheType" tf:"cache_type,omitempty"` + // +kubebuilder:validation:Optional + CacheType *string `json:"cacheType,omitempty" tf:"cache_type,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -41,6 +77,17 @@ type TieredCacheParameters struct { type TieredCacheSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TieredCacheParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TieredCacheInitParameters `json:"initProvider,omitempty"` } // TieredCacheStatus defines the observed state of TieredCache. @@ -50,19 +97,21 @@ type TieredCacheStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// TieredCache is the Schema for the TieredCaches API. +// TieredCache is the Schema for the TieredCaches API. Provides a resource, that manages Cloudflare Tiered Cache settings. This allows you to adjust topologies for your zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type TieredCache struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TieredCacheSpec `json:"spec"` - Status TieredCacheStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.cacheType) || (has(self.initProvider) && has(self.initProvider.cacheType))",message="spec.forProvider.cacheType is a required parameter" + Spec TieredCacheSpec `json:"spec"` + Status TieredCacheStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_totaltls_terraformed.go b/apis/zone/v1alpha1/zz_totaltls_terraformed.go new file mode 100755 index 0000000..5227b9a --- /dev/null +++ b/apis/zone/v1alpha1/zz_totaltls_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this TotalTLS +func (mg *TotalTLS) GetTerraformResourceType() string { + return "cloudflare_total_tls" +} + +// GetConnectionDetailsMapping for this TotalTLS +func (tr *TotalTLS) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this TotalTLS +func (tr *TotalTLS) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this TotalTLS +func (tr *TotalTLS) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this TotalTLS +func (tr *TotalTLS) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this TotalTLS +func (tr *TotalTLS) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this TotalTLS +func (tr *TotalTLS) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this TotalTLS +func (tr *TotalTLS) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this TotalTLS +func (tr *TotalTLS) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this TotalTLS using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *TotalTLS) LateInitialize(attrs []byte) (bool, error) { + params := &TotalTLSParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *TotalTLS) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_totaltls_types.go b/apis/zone/v1alpha1/zz_totaltls_types.go index 8417344..a453477 100755 --- a/apis/zone/v1alpha1/zz_totaltls_types.go +++ b/apis/zone/v1alpha1/zz_totaltls_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TotalTLSInitParameters struct { + + // (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. + // The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (Boolean) Enable Total TLS for the zone. + // Enable Total TLS for the zone. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type TotalTLSObservation struct { + + // (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. + // The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. + CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + + // (Boolean) Enable Total TLS for the zone. + // Enable Total TLS for the zone. + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type TotalTLSParameters struct { + // (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. // The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. // +kubebuilder:validation:Optional CertificateAuthority *string `json:"certificateAuthority,omitempty" tf:"certificate_authority,omitempty"` + // (Boolean) Enable Total TLS for the zone. // Enable Total TLS for the zone. - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -45,6 +90,17 @@ type TotalTLSParameters struct { type TotalTLSSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TotalTLSParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TotalTLSInitParameters `json:"initProvider,omitempty"` } // TotalTLSStatus defines the observed state of TotalTLS. @@ -54,19 +110,21 @@ type TotalTLSStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// TotalTLS is the Schema for the TotalTLSs API. +// TotalTLS is the Schema for the TotalTLSs API. Provides a resource which manages Total TLS for a zone. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type TotalTLS struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec TotalTLSSpec `json:"spec"` - Status TotalTLSStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || (has(self.initProvider) && has(self.initProvider.enabled))",message="spec.forProvider.enabled is a required parameter" + Spec TotalTLSSpec `json:"spec"` + Status TotalTLSStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_urlnormalizationsettings_terraformed.go b/apis/zone/v1alpha1/zz_urlnormalizationsettings_terraformed.go new file mode 100755 index 0000000..8ec7807 --- /dev/null +++ b/apis/zone/v1alpha1/zz_urlnormalizationsettings_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this URLNormalizationSettings +func (mg *URLNormalizationSettings) GetTerraformResourceType() string { + return "cloudflare_url_normalization_settings" +} + +// GetConnectionDetailsMapping for this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this URLNormalizationSettings +func (tr *URLNormalizationSettings) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this URLNormalizationSettings +func (tr *URLNormalizationSettings) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this URLNormalizationSettings +func (tr *URLNormalizationSettings) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this URLNormalizationSettings using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *URLNormalizationSettings) LateInitialize(attrs []byte) (bool, error) { + params := &URLNormalizationSettingsParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *URLNormalizationSettings) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_urlnormalizationsettings_types.go b/apis/zone/v1alpha1/zz_urlnormalizationsettings_types.go index 9ca6498..ea9149a 100755 --- a/apis/zone/v1alpha1/zz_urlnormalizationsettings_types.go +++ b/apis/zone/v1alpha1/zz_urlnormalizationsettings_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,20 +17,61 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type URLNormalizationSettingsInitParameters struct { + + // (String) The scope of the URL normalization. + // The scope of the URL normalization. + Scope *string `json:"scope,omitempty" tf:"scope,omitempty"` + + // (String) The type of URL normalization performed by Cloudflare. + // The type of URL normalization performed by Cloudflare. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type URLNormalizationSettingsObservation struct { + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The scope of the URL normalization. + // The scope of the URL normalization. + Scope *string `json:"scope,omitempty" tf:"scope,omitempty"` + + // (String) The type of URL normalization performed by Cloudflare. + // The type of URL normalization performed by Cloudflare. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type URLNormalizationSettingsParameters struct { + // (String) The scope of the URL normalization. // The scope of the URL normalization. - // +kubebuilder:validation:Required - Scope *string `json:"scope" tf:"scope,omitempty"` + // +kubebuilder:validation:Optional + Scope *string `json:"scope,omitempty" tf:"scope,omitempty"` + // (String) The type of URL normalization performed by Cloudflare. // The type of URL normalization performed by Cloudflare. - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -45,6 +90,17 @@ type URLNormalizationSettingsParameters struct { type URLNormalizationSettingsSpec struct { v1.ResourceSpec `json:",inline"` ForProvider URLNormalizationSettingsParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider URLNormalizationSettingsInitParameters `json:"initProvider,omitempty"` } // URLNormalizationSettingsStatus defines the observed state of URLNormalizationSettings. @@ -54,19 +110,22 @@ type URLNormalizationSettingsStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// URLNormalizationSettings is the Schema for the URLNormalizationSettingss API. +// URLNormalizationSettings is the Schema for the URLNormalizationSettingss API. Provides a resource to manage URL Normalization Settings. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type URLNormalizationSettings struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec URLNormalizationSettingsSpec `json:"spec"` - Status URLNormalizationSettingsStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.scope) || (has(self.initProvider) && has(self.initProvider.scope))",message="spec.forProvider.scope is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.type) || (has(self.initProvider) && has(self.initProvider.type))",message="spec.forProvider.type is a required parameter" + Spec URLNormalizationSettingsSpec `json:"spec"` + Status URLNormalizationSettingsStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_useragentblockingrule_terraformed.go b/apis/zone/v1alpha1/zz_useragentblockingrule_terraformed.go new file mode 100755 index 0000000..a2d339a --- /dev/null +++ b/apis/zone/v1alpha1/zz_useragentblockingrule_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this UserAgentBlockingRule +func (mg *UserAgentBlockingRule) GetTerraformResourceType() string { + return "cloudflare_user_agent_blocking_rule" +} + +// GetConnectionDetailsMapping for this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this UserAgentBlockingRule +func (tr *UserAgentBlockingRule) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this UserAgentBlockingRule using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *UserAgentBlockingRule) LateInitialize(attrs []byte) (bool, error) { + params := &UserAgentBlockingRuleParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *UserAgentBlockingRule) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_useragentblockingrule_types.go b/apis/zone/v1alpha1/zz_useragentblockingrule_types.go index 9afda39..1e96c73 100755 --- a/apis/zone/v1alpha1/zz_useragentblockingrule_types.go +++ b/apis/zone/v1alpha1/zz_useragentblockingrule_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,42 +17,122 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ConfigurationInitParameters struct { + + // (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + // The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // Agent HTTP header value. + // The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type ConfigurationObservation struct { + + // (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + // The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + Target *string `json:"target,omitempty" tf:"target,omitempty"` + + // Agent HTTP header value. + // The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. + Value *string `json:"value,omitempty" tf:"value,omitempty"` } type ConfigurationParameters struct { + // (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. // The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Target *string `json:"target" tf:"target,omitempty"` + // Agent HTTP header value. // The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional Value *string `json:"value" tf:"value,omitempty"` } +type UserAgentBlockingRuleInitParameters struct { + + // (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) + // The configuration object for the current rule. + Configuration []ConfigurationInitParameters `json:"configuration,omitempty" tf:"configuration,omitempty"` + + // (String) An informative summary of the rule. + // An informative summary of the rule. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. + // The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (Boolean) When true, indicates that the rule is currently paused. + // When true, indicates that the rule is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + // +crossplane:generate:reference:type=Zone + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` + + // Reference to a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDRef *v1.Reference `json:"zoneIdRef,omitempty" tf:"-"` + + // Selector for a Zone to populate zoneId. + // +kubebuilder:validation:Optional + ZoneIDSelector *v1.Selector `json:"zoneIdSelector,omitempty" tf:"-"` +} + type UserAgentBlockingRuleObservation struct { + + // (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) + // The configuration object for the current rule. + Configuration []ConfigurationObservation `json:"configuration,omitempty" tf:"configuration,omitempty"` + + // (String) An informative summary of the rule. + // An informative summary of the rule. + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. + // The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // (Boolean) When true, indicates that the rule is currently paused. + // When true, indicates that the rule is currently paused. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + ZoneID *string `json:"zoneId,omitempty" tf:"zone_id,omitempty"` } type UserAgentBlockingRuleParameters struct { + // (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) // The configuration object for the current rule. - // +kubebuilder:validation:Required - Configuration []ConfigurationParameters `json:"configuration" tf:"configuration,omitempty"` + // +kubebuilder:validation:Optional + Configuration []ConfigurationParameters `json:"configuration,omitempty" tf:"configuration,omitempty"` + // (String) An informative summary of the rule. // An informative summary of the rule. - // +kubebuilder:validation:Required - Description *string `json:"description" tf:"description,omitempty"` + // +kubebuilder:validation:Optional + Description *string `json:"description,omitempty" tf:"description,omitempty"` + // (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. // The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. - // +kubebuilder:validation:Required - Mode *string `json:"mode" tf:"mode,omitempty"` + // +kubebuilder:validation:Optional + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + // (Boolean) When true, indicates that the rule is currently paused. // When true, indicates that the rule is currently paused. - // +kubebuilder:validation:Required - Paused *bool `json:"paused" tf:"paused,omitempty"` + // +kubebuilder:validation:Optional + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + // (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. // The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** // +crossplane:generate:reference:type=Zone // +kubebuilder:validation:Optional @@ -67,6 +151,17 @@ type UserAgentBlockingRuleParameters struct { type UserAgentBlockingRuleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider UserAgentBlockingRuleParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider UserAgentBlockingRuleInitParameters `json:"initProvider,omitempty"` } // UserAgentBlockingRuleStatus defines the observed state of UserAgentBlockingRule. @@ -76,19 +171,24 @@ type UserAgentBlockingRuleStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// UserAgentBlockingRule is the Schema for the UserAgentBlockingRules API. +// UserAgentBlockingRule is the Schema for the UserAgentBlockingRules API. Provides a resource to manage User Agent Blocking Rules. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type UserAgentBlockingRule struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec UserAgentBlockingRuleSpec `json:"spec"` - Status UserAgentBlockingRuleStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.configuration) || (has(self.initProvider) && has(self.initProvider.configuration))",message="spec.forProvider.configuration is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.description) || (has(self.initProvider) && has(self.initProvider.description))",message="spec.forProvider.description is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.mode) || (has(self.initProvider) && has(self.initProvider.mode))",message="spec.forProvider.mode is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.paused) || (has(self.initProvider) && has(self.initProvider.paused))",message="spec.forProvider.paused is a required parameter" + Spec UserAgentBlockingRuleSpec `json:"spec"` + Status UserAgentBlockingRuleStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zone/v1alpha1/zz_zone_terraformed.go b/apis/zone/v1alpha1/zz_zone_terraformed.go new file mode 100755 index 0000000..ea57489 --- /dev/null +++ b/apis/zone/v1alpha1/zz_zone_terraformed.go @@ -0,0 +1,133 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1alpha1 + +import ( + "dario.cat/mergo" + "github.com/pkg/errors" + + "github.com/crossplane/upjet/pkg/resource" + "github.com/crossplane/upjet/pkg/resource/json" +) + +// GetTerraformResourceType returns Terraform resource type for this Zone +func (mg *Zone) GetTerraformResourceType() string { + return "cloudflare_zone" +} + +// GetConnectionDetailsMapping for this Zone +func (tr *Zone) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this Zone +func (tr *Zone) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this Zone +func (tr *Zone) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this Zone +func (tr *Zone) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this Zone +func (tr *Zone) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this Zone +func (tr *Zone) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// GetInitParameters of this Zone +func (tr *Zone) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// GetInitParameters of this Zone +func (tr *Zone) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error) { + params, err := tr.GetParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get parameters for resource '%q'", tr.GetName()) + } + if !shouldMergeInitProvider { + return params, nil + } + + initParams, err := tr.GetInitParameters() + if err != nil { + return nil, errors.Wrapf(err, "cannot get init parameters for resource '%q'", tr.GetName()) + } + + // Note(lsviben): mergo.WithSliceDeepCopy is needed to merge the + // slices from the initProvider to forProvider. As it also sets + // overwrite to true, we need to set it back to false, we don't + // want to overwrite the forProvider fields with the initProvider + // fields. + err = mergo.Merge(¶ms, initParams, mergo.WithSliceDeepCopy, func(c *mergo.Config) { + c.Overwrite = false + }) + if err != nil { + return nil, errors.Wrapf(err, "cannot merge spec.initProvider and spec.forProvider parameters for resource '%q'", tr.GetName()) + } + + return params, nil +} + +// LateInitialize this Zone using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *Zone) LateInitialize(attrs []byte) (bool, error) { + params := &ZoneParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *Zone) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/apis/zone/v1alpha1/zz_zone_types.go b/apis/zone/v1alpha1/zz_zone_types.go index 0ed4862..e7b7fa5 100755 --- a/apis/zone/v1alpha1/zz_zone_types.go +++ b/apis/zone/v1alpha1/zz_zone_types.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -13,26 +17,95 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ZoneInitParameters struct { + + // (String) Account ID to manage the zone resource in. + // Account ID to manage the zone resource in. + // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // Reference to a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDRef *v1.Reference `json:"accountIdRef,omitempty" tf:"-"` + + // Selector for a Account in account to populate accountId. + // +kubebuilder:validation:Optional + AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + + // (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + // Whether to scan for DNS records on creation. Ignored after zone is created. + JumpStart *bool `json:"jumpStart,omitempty" tf:"jump_start,omitempty"` + + // (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + // Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. + // The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. + Plan *string `json:"plan,omitempty" tf:"plan,omitempty"` + + // hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. + // A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + // The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** + Zone *string `json:"zone,omitempty" tf:"zone,omitempty"` +} + type ZoneObservation struct { + + // (String) Account ID to manage the zone resource in. + // Account ID to manage the zone resource in. + AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"` + + // (String) The ID of this resource. ID *string `json:"id,omitempty" tf:"id,omitempty"` + // (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + // Whether to scan for DNS records on creation. Ignored after zone is created. + JumpStart *bool `json:"jumpStart,omitempty" tf:"jump_start,omitempty"` + + // (Map of Boolean) + // +mapType=granular Meta map[string]*bool `json:"meta,omitempty" tf:"meta,omitempty"` + // assigned name servers. This is only populated for zones that use Cloudflare DNS. // Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS. NameServers []*string `json:"nameServers,omitempty" tf:"name_servers,omitempty"` + // (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + // Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. + Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + + // (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. + // The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. + Plan *string `json:"plan,omitempty" tf:"plan,omitempty"` + + // (String) Status of the zone. Available values: active, pending, initializing, moved, deleted, deactivated. // Status of the zone. Available values: `active`, `pending`, `initializing`, `moved`, `deleted`, `deactivated`. Status *string `json:"status,omitempty" tf:"status,omitempty"` + // hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. + // A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // (List of String) List of Vanity Nameservers (if set). // List of Vanity Nameservers (if set). VanityNameServers []*string `json:"vanityNameServers,omitempty" tf:"vanity_name_servers,omitempty"` + // (String) Contains the TXT record value to validate domain ownership. This is only populated for zones of type partial. // Contains the TXT record value to validate domain ownership. This is only populated for zones of type `partial`. VerificationKey *string `json:"verificationKey,omitempty" tf:"verification_key,omitempty"` + + // (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + // The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** + Zone *string `json:"zone,omitempty" tf:"zone,omitempty"` } type ZoneParameters struct { + // (String) Account ID to manage the zone resource in. // Account ID to manage the zone resource in. // +crossplane:generate:reference:type=github.com/cdloh/provider-cloudflare/apis/account/v1alpha1.Account // +kubebuilder:validation:Optional @@ -46,31 +119,47 @@ type ZoneParameters struct { // +kubebuilder:validation:Optional AccountIDSelector *v1.Selector `json:"accountIdSelector,omitempty" tf:"-"` + // (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. // Whether to scan for DNS records on creation. Ignored after zone is created. // +kubebuilder:validation:Optional JumpStart *bool `json:"jumpStart,omitempty" tf:"jump_start,omitempty"` + // (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. // Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. // +kubebuilder:validation:Optional Paused *bool `json:"paused,omitempty" tf:"paused,omitempty"` + // (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. // The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. // +kubebuilder:validation:Optional Plan *string `json:"plan,omitempty" tf:"plan,omitempty"` + // hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. // A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. // +kubebuilder:validation:Optional Type *string `json:"type,omitempty" tf:"type,omitempty"` + // (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. // The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** - // +kubebuilder:validation:Required - Zone *string `json:"zone" tf:"zone,omitempty"` + // +kubebuilder:validation:Optional + Zone *string `json:"zone,omitempty" tf:"zone,omitempty"` } // ZoneSpec defines the desired state of Zone type ZoneSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ZoneParameters `json:"forProvider"` + // THIS IS A BETA FIELD. It will be honored + // unless the Management Policies feature flag is disabled. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ZoneInitParameters `json:"initProvider,omitempty"` } // ZoneStatus defines the observed state of Zone. @@ -80,19 +169,21 @@ type ZoneStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status +// +kubebuilder:storageversion -// Zone is the Schema for the Zones API. +// Zone is the Schema for the Zones API. Provides a Cloudflare Zone resource. Zone is the basic resource for working with Cloudflare and is roughly equivalent to a domain name that the user purchases. // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" // +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" -// +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,cloudflare} type Zone struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ZoneSpec `json:"spec"` - Status ZoneStatus `json:"status,omitempty"` + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.zone) || (has(self.initProvider) && has(self.initProvider.zone))",message="spec.forProvider.zone is a required parameter" + Spec ZoneSpec `json:"spec"` + Status ZoneStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/zz_register.go b/apis/zz_register.go index 9aa677f..441b1c1 100755 --- a/apis/zz_register.go +++ b/apis/zz_register.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ diff --git a/build b/build index 0d8822d..17a1cb7 160000 --- a/build +++ b/build @@ -1 +1 @@ -Subproject commit 0d8822d9deb275245b0500874fee9e5a2e37d814 +Subproject commit 17a1cb7ec77bfa843c5c97b04fa91281324ceee7 diff --git a/cmd/generator/main.go b/cmd/generator/main.go index 1b03669..154fe1c 100644 --- a/cmd/generator/main.go +++ b/cmd/generator/main.go @@ -9,7 +9,7 @@ import ( "os" "path/filepath" - "github.com/upbound/upjet/pkg/pipeline" + "github.com/crossplane/upjet/pkg/pipeline" "github.com/cdloh/provider-cloudflare/config" ) diff --git a/cmd/provider/main.go b/cmd/provider/main.go index 9af7413..cab268b 100644 --- a/cmd/provider/main.go +++ b/cmd/provider/main.go @@ -12,16 +12,18 @@ import ( xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1" xpcontroller "github.com/crossplane/crossplane-runtime/pkg/controller" + "github.com/crossplane/crossplane-runtime/pkg/feature" "github.com/crossplane/crossplane-runtime/pkg/logging" "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/terraform" "gopkg.in/alecthomas/kingpin.v2" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/tools/leaderelection/resourcelock" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/cache" "sigs.k8s.io/controller-runtime/pkg/log/zap" "github.com/cdloh/provider-cloudflare/apis" @@ -37,14 +39,17 @@ func main() { app = kingpin.New(filepath.Base(os.Args[0]), "Terraform based Crossplane provider for Cloudflare").DefaultEnvars() debug = app.Flag("debug", "Run with debug logging.").Short('d').Bool() syncPeriod = app.Flag("sync", "Controller manager sync period such as 300ms, 1.5h, or 2h45m").Short('s').Default("1h").Duration() + pollInterval = app.Flag("poll", "Poll interval controls how often an individual resource should be checked for drift.").Default("10m").Duration() leaderElection = app.Flag("leader-election", "Use leader election for the controller manager.").Short('l').Default("false").OverrideDefaultFromEnvar("LEADER_ELECTION").Bool() + maxReconcileRate = app.Flag("max-reconcile-rate", "The global maximum rate per second at which resources may be checked for drift from the desired state.").Default("10").Int() + terraformVersion = app.Flag("terraform-version", "Terraform version.").Required().Envar("TERRAFORM_VERSION").String() providerSource = app.Flag("terraform-provider-source", "Terraform provider source.").Required().Envar("TERRAFORM_PROVIDER_SOURCE").String() providerVersion = app.Flag("terraform-provider-version", "Terraform provider version.").Required().Envar("TERRAFORM_PROVIDER_VERSION").String() - maxReconcileRate = app.Flag("max-reconcile-rate", "The global maximum rate per second at which resources may checked for drift from the desired state.").Default("10").Int() namespace = app.Flag("namespace", "Namespace used to set as default scope in default secret store config.").Default("crossplane-system").Envar("POD_NAMESPACE").String() enableExternalSecretStores = app.Flag("enable-external-secret-stores", "Enable support for ExternalSecretStores.").Default("false").Envar("ENABLE_EXTERNAL_SECRET_STORES").Bool() + enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for Management Policies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool() ) kingpin.MustParse(app.Parse(os.Args[1:])) @@ -58,27 +63,30 @@ func main() { ctrl.SetLogger(zl) } - log.Debug("Starting", "sync-period", syncPeriod.String()) + log.Debug("Starting", "sync-period", syncPeriod.String(), "poll-interval", pollInterval.String(), "max-reconcile-rate", *maxReconcileRate) cfg, err := ctrl.GetConfig() kingpin.FatalIfError(err, "Cannot get API server rest config") mgr, err := ctrl.NewManager(cfg, ctrl.Options{ - LeaderElection: *leaderElection, - LeaderElectionID: "crossplane-leader-election-provider-cloudflare", - SyncPeriod: syncPeriod, + LeaderElection: *leaderElection, + LeaderElectionID: "crossplane-leader-election-provider-cloudflare", + Cache: cache.Options{ + SyncPeriod: syncPeriod, + }, LeaderElectionResourceLock: resourcelock.LeasesResourceLock, LeaseDuration: func() *time.Duration { d := 60 * time.Second; return &d }(), RenewDeadline: func() *time.Duration { d := 50 * time.Second; return &d }(), }) kingpin.FatalIfError(err, "Cannot create controller manager") - kingpin.FatalIfError(apis.AddToScheme(mgr.GetScheme()), "Cannot add Cloudflare APIs to scheme") + kingpin.FatalIfError(apis.AddToScheme(mgr.GetScheme()), "Cannot add Template APIs to scheme") o := tjcontroller.Options{ Options: xpcontroller.Options{ Logger: log, GlobalRateLimiter: ratelimiter.NewGlobal(*maxReconcileRate), - PollInterval: 1 * time.Minute, - MaxConcurrentReconciles: 1, + PollInterval: *pollInterval, + MaxConcurrentReconciles: *maxReconcileRate, + Features: &feature.Flags{}, }, Provider: config.GetProvider(), // use the following WorkspaceStoreOption to enable the shared gRPC mode @@ -106,6 +114,11 @@ func main() { })), "cannot create default store config") } + if *enableManagementPolicies { + o.Features.Enable(features.EnableBetaManagementPolicies) + log.Info("Beta feature enabled", "flag", features.EnableBetaManagementPolicies) + } + kingpin.FatalIfError(controller.Setup(mgr, o), "Cannot setup Cloudflare controllers") kingpin.FatalIfError(mgr.Start(ctrl.SetupSignalHandler()), "Cannot start controller manager") } diff --git a/config/access/config.go b/config/access/config.go index f7b57fb..0aeb695 100644 --- a/config/access/config.go +++ b/config/access/config.go @@ -1,6 +1,6 @@ package access -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for access group. func Configure(p *config.Provider) { diff --git a/config/account/config.go b/config/account/config.go index 58da693..76dba96 100644 --- a/config/account/config.go +++ b/config/account/config.go @@ -1,6 +1,6 @@ package account -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for account group. func Configure(p *config.Provider) { diff --git a/config/apishield/config.go b/config/apishield/config.go index 41ac959..29a42bf 100644 --- a/config/apishield/config.go +++ b/config/apishield/config.go @@ -1,6 +1,6 @@ package apishield -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for apishield group. func Configure(p *config.Provider) { diff --git a/config/argo/config.go b/config/argo/config.go index 5661f7d..fc5f53b 100644 --- a/config/argo/config.go +++ b/config/argo/config.go @@ -1,6 +1,6 @@ package argo -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "Argo" diff --git a/config/authenticatedoriginpulls/config.go b/config/authenticatedoriginpulls/config.go index 8237d2a..91391c3 100644 --- a/config/authenticatedoriginpulls/config.go +++ b/config/authenticatedoriginpulls/config.go @@ -1,6 +1,6 @@ package authenticatedoriginpulls -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for authenticatedorigins group. func Configure(p *config.Provider) { diff --git a/config/byoip/config.go b/config/byoip/config.go index fdc2b27..129b04f 100644 --- a/config/byoip/config.go +++ b/config/byoip/config.go @@ -1,6 +1,6 @@ package byoip -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for byoip group. func Configure(p *config.Provider) { diff --git a/config/certificate/config.go b/config/certificate/config.go index efeb13a..ddc08a5 100644 --- a/config/certificate/config.go +++ b/config/certificate/config.go @@ -1,6 +1,6 @@ package certificate -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for certificate group. func Configure(p *config.Provider) { diff --git a/config/custom/config.go b/config/custom/config.go index ca3c53d..07d79c8 100644 --- a/config/custom/config.go +++ b/config/custom/config.go @@ -1,6 +1,6 @@ package custom -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for custom group. func Configure(p *config.Provider) { diff --git a/config/customhostname/config.go b/config/customhostname/config.go index 2b3169a..8c2085e 100644 --- a/config/customhostname/config.go +++ b/config/customhostname/config.go @@ -1,6 +1,6 @@ package customhostname -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for customhostname group. func Configure(p *config.Provider) { diff --git a/config/dlp/config.go b/config/dlp/config.go index 97fd303..5e645b8 100644 --- a/config/dlp/config.go +++ b/config/dlp/config.go @@ -1,6 +1,6 @@ package dlp -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for dlp group. func Configure(p *config.Provider) { diff --git a/config/dns/config.go b/config/dns/config.go index 993b7f3..b5d1bef 100644 --- a/config/dns/config.go +++ b/config/dns/config.go @@ -1,6 +1,6 @@ package dns -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for dns group. func Configure(p *config.Provider) { diff --git a/config/emailrouting/config.go b/config/emailrouting/config.go index 274ade1..7eb1cdb 100644 --- a/config/emailrouting/config.go +++ b/config/emailrouting/config.go @@ -1,6 +1,6 @@ package emailrouting -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for emailrouting group. func Configure(p *config.Provider) { diff --git a/config/external_name.go b/config/external_name.go index 7d61ff3..3073320 100644 --- a/config/external_name.go +++ b/config/external_name.go @@ -4,7 +4,7 @@ Copyright 2022 Upbound Inc. package config -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // ExternalNameConfigs contains all external name configurations for this // provider. diff --git a/config/filters/config.go b/config/filters/config.go index cc207ed..9f23e98 100644 --- a/config/filters/config.go +++ b/config/filters/config.go @@ -1,6 +1,6 @@ package filters -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for filters group. func Configure(p *config.Provider) { diff --git a/config/firewall/config.go b/config/firewall/config.go index 1677b39..1b05b8a 100644 --- a/config/firewall/config.go +++ b/config/firewall/config.go @@ -1,6 +1,6 @@ package firewall -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for firewall group. func Configure(p *config.Provider) { diff --git a/config/lists/config.go b/config/lists/config.go index d65691b..6538f58 100644 --- a/config/lists/config.go +++ b/config/lists/config.go @@ -1,6 +1,6 @@ package lists -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for lists group. func Configure(p *config.Provider) { diff --git a/config/loadbalancer/config.go b/config/loadbalancer/config.go index cfda591..d85f928 100644 --- a/config/loadbalancer/config.go +++ b/config/loadbalancer/config.go @@ -1,6 +1,6 @@ package loadbalancer -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "loadbalancer" diff --git a/config/logpush/config.go b/config/logpush/config.go index 829f83e..2cd7af3 100644 --- a/config/logpush/config.go +++ b/config/logpush/config.go @@ -1,6 +1,6 @@ package logpush -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for logpush group. func Configure(p *config.Provider) { diff --git a/config/magic/config.go b/config/magic/config.go index c0bb49d..360fd68 100644 --- a/config/magic/config.go +++ b/config/magic/config.go @@ -1,6 +1,6 @@ package magic -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "Magic" diff --git a/config/notification/config.go b/config/notification/config.go index a6a84ee..dda91d2 100644 --- a/config/notification/config.go +++ b/config/notification/config.go @@ -1,6 +1,6 @@ package notification -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for notification group. func Configure(p *config.Provider) { diff --git a/config/originca/config.go b/config/originca/config.go index 39d924e..c0f288f 100644 --- a/config/originca/config.go +++ b/config/originca/config.go @@ -1,6 +1,6 @@ package originca -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for originca group. func Configure(p *config.Provider) { diff --git a/config/page/config.go b/config/page/config.go index c956682..bd6b9b8 100644 --- a/config/page/config.go +++ b/config/page/config.go @@ -1,6 +1,6 @@ package page -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for page group. func Configure(p *config.Provider) { diff --git a/config/pages/config.go b/config/pages/config.go index f7209ca..f9f2c04 100644 --- a/config/pages/config.go +++ b/config/pages/config.go @@ -1,6 +1,6 @@ package pages -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for pages group. func Configure(p *config.Provider) { diff --git a/config/provider-metadata.yaml b/config/provider-metadata.yaml index 6c3b5d4..3406519 100644 --- a/config/provider-metadata.yaml +++ b/config/provider-metadata.yaml @@ -1,2 +1,5210 @@ name: cloudflare/cloudflare -resources: {} +resources: + cloudflare_access_application: + subCategory: "" + description: Provides a Cloudflare Access Application resource. Access Applications are used to restrict access to a whole application using an authorisation gateway managed by Cloudflare. + name: cloudflare_access_application + title: cloudflare_access_application Resource - Cloudflare + examples: + - name: staging_app + manifest: |- + { + "auto_redirect_to_identity": false, + "domain": "staging.example.com", + "name": "staging application", + "session_duration": "24h", + "type": "self_hosted", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: staging_app + manifest: |- + { + "cors_headers": [ + { + "allow_credentials": true, + "allowed_methods": [ + "GET", + "POST", + "OPTIONS" + ], + "allowed_origins": [ + "https://example.com" + ], + "max_age": 10 + } + ], + "domain": "staging.example.com", + "name": "staging application", + "session_duration": "24h", + "type": "self_hosted", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + allow_all_headers: (Boolean) Value to determine whether all HTTP headers are exposed. + allow_all_methods: (Boolean) Value to determine whether all methods are exposed. + allow_all_origins: (Boolean) Value to determine whether all origins are permitted to make CORS requests. + allow_credentials: (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + allowed_headers: (Set of String) List of HTTP headers to expose via CORS. + allowed_idps: (Set of String) The identity providers selected for the application. + allowed_methods: (Set of String) List of methods to expose via CORS. + allowed_origins: (Set of String) List of origins permitted to make CORS requests. + app_launcher_visible: (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + aud: (String) Application Audience (AUD) Tag of the application. + auto_redirect_to_identity: (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + consumer_service_url: (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + cors_headers: (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + custom_deny_message: (String) Option that returns a custom error message when a user is denied access to the application. + custom_deny_url: (String) Option that redirects to a custom URL when a user is denied access to the application. + domain: (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + enable_binding_cookie: (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + http_only_cookie_attribute: (Boolean) Option to add the HttpOnly cookie flag to access tokens. + id: (String) The ID of this resource. + logo_url: (String) Image URL for the logo shown in the app launcher dashboard. + max_age: (Number) The maximum time a preflight request will be cached. + name: (String) Friendly name of the Access Application. + name_id_format: (String) The format of the name identifier sent to the SaaS application. Defaults to email. + saas_app: '(Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema)' + same_site_cookie_attribute: '(String) Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.' + service_auth_401_redirect: (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + session_duration: (String) How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + skip_interstitial: (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + sp_entity_id: (String) A globally unique name for an identity or service provider. + type: '(String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.' + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - $ terraform import cloudflare_access_application.example / + cloudflare_access_bookmark: + subCategory: "" + description: Provides a Cloudflare Access Bookmark resource. Access Bookmark applications are not protected behind Access but are displayed in the App Launcher. + name: cloudflare_access_bookmark + title: cloudflare_access_bookmark Resource - Cloudflare + examples: + - name: my_bookmark_app + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "app_launcher_visible": true, + "domain": "example.com", + "logo_url": "https://example.com/example.png", + "name": "My Bookmark App" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + app_launcher_visible: (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + domain: (String) The domain of the bookmark application. Can include subdomains, paths, or both. + id: (String) The ID of this resource. + logo_url: (String) The image URL for the logo shown in the app launcher dashboard. + name: (String) Name of the bookmark application. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - $ terraform import cloudflare_access_bookmark.example / + cloudflare_access_ca_certificate: + subCategory: "" + description: Cloudflare Access can replace traditional SSH key models with short-lived certificates issued to your users based on the token generated by their Access login. + name: cloudflare_access_ca_certificate + title: cloudflare_access_ca_certificate Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "application_id": "6cd6cea3-3ef2-4542-9aea-85a0bbcd5414" + } + - name: another_example + manifest: |- + { + "application_id": "fe2be0ff-7f13-4350-8c8e-a9b9795fe3c2", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + application_id: (String) The Access Application ID to associate with the CA certificate. + aud: (String) Application Audience (AUD) Tag of the CA certificate. + id: (String) The ID of this resource. + public_key: (String) Cryptographic public key of the generated CA certificate. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - |- + # Account level CA certificate import. + $ terraform import cloudflare_access_ca_certificate.example account// + + # Zone level CA certificate import. + $ terraform import cloudflare_access_ca_certificate.example account// + cloudflare_access_group: + subCategory: "" + description: Provides a Cloudflare Access Group resource. Access Groups are used in conjunction with Access Policies to restrict access to a particular resource based on group membership. + name: cloudflare_access_group + title: cloudflare_access_group Resource - Cloudflare + examples: + - name: test_group + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "include": [ + { + "email": [ + "test@example.com" + ] + } + ], + "name": "staging group" + } + - name: test_group + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "include": [ + { + "email": [ + "test@example.com" + ] + } + ], + "name": "staging group", + "require": { + "ip": [ + "${var.office_ip}" + ] + } + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + any_valid_service_token: (Boolean) + attribute_name: (String) + attribute_value: (String) + auth_method: (String) + azure: (Block List) (see below for nested schema) + certificate: (Boolean) + common_name: (String) + device_posture: (List of String) + email: (List of String) + email_domain: (List of String) + evaluate_url: (String) + everyone: (Boolean) + exclude: (Block List) (see below for nested schema) + external_evaluation: '(Block List, Max: 1) (see below for nested schema)' + geo: (List of String) + github: (Block List) (see below for nested schema) + group: (List of String) + gsuite: (Block List) (see below for nested schema) + id: (String) The ID of this resource. + identity_provider_id: (String) + include: '(Block List, Min: 1) (see below for nested schema)' + ip: (List of String) + keys_url: (String) + login_method: (List of String) + name: (String) + okta: (Block List) (see below for nested schema) + require: (Block List) (see below for nested schema) + saml: (Block List) (see below for nested schema) + service_token: (List of String) + teams: (List of String) + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - $ terraform import cloudflare_access_group.example / + cloudflare_access_identity_provider: + subCategory: "" + description: Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access. + name: cloudflare_access_identity_provider + title: cloudflare_access_identity_provider Resource - Cloudflare + examples: + - name: pin_login + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "PIN login", + "type": "onetimepin" + } + - name: github_oauth + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "config": [ + { + "client_id": "example", + "client_secret": "secret_key" + } + ], + "name": "GitHub OAuth", + "type": "github" + } + - name: jumpcloud_saml + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "config": [ + { + "attributes": [ + "email", + "username" + ], + "idp_public_cert": "MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg\nuTnQyuOqPuHbnN83d/2l1NSYKCbHt24o", + "issuer_url": "jumpcloud", + "sign_request": false, + "sso_target_url": "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess" + } + ], + "name": "JumpCloud SAML", + "type": "saml" + } + - name: okta + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "config": [ + { + "api_token": "okta_api_token", + "client_id": "example", + "client_secret": "secret_key", + "okta_account": "https://example.com" + } + ], + "name": "Okta", + "type": "okta" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + api_token: (String) + apps_domain: (String) + attributes: (List of String) + auth_url: (String) + centrify_account: (String) + centrify_app_id: (String) + certs_url: (String) + client_id: (String) + client_secret: (String) + config: (Block List) Provider configuration from the developer documentation. (see below for nested schema) + directory_id: (String) + email_attribute_name: (String) + id: (String) The ID of this resource. + idp_public_cert: (String) + issuer_url: (String) + name: (String) Friendly name of the Access Identity Provider configuration. + okta_account: (String) + onelogin_account: (String) + pkce_enabled: (Boolean) + redirect_url: (String) + sign_request: (Boolean) + sso_target_url: (String) + support_groups: (Boolean) + token_url: (String) + type: '(String) The provider type to use. Available values: centrify, facebook, google-apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex.' + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_access_identity_provider.example / + cloudflare_access_keys_configuration Resource - Cloudflare: + subCategory: "" + description: Access Keys Configuration defines the rotation policy for the keys that access will use to sign data. + name: cloudflare_access_keys_configuration Resource - Cloudflare + title: cloudflare_access_keys_configuration Resource - Cloudflare + argumentDocs: + account_id: (String) The account identifier to target for the resource. + id: (String) The ID of this resource. + key_rotation_interval_days: (Number) Number of days to trigger a rotation of the keys. + importStatements: [] + cloudflare_access_mutual_tls_certificate: + subCategory: "" + description: Provides a Cloudflare Access Mutual TLS Certificate resource. Mutual TLS authentication ensures that the traffic is secure and trusted in both directions between a client and server and can be used with Access to only allows requests from devices with a corresponding client certificate. + name: cloudflare_access_mutual_tls_certificate + title: cloudflare_access_mutual_tls_certificate Resource - Cloudflare + examples: + - name: my_cert + manifest: |- + { + "associated_hostnames": [ + "staging.example.com" + ], + "certificate": "${var.ca_pem}", + "name": "My Root Cert", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + references: + certificate: var.ca_pem + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + associated_hostnames: (List of String) The hostnames that will be prompted for this certificate. + certificate: (String) The Root CA for your certificates. + fingerprint: (String) + id: (String) The ID of this resource. + name: (String) The name of the certificate. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - |- + # Account level import. + $ terraform import cloudflare_access_mutual_tls_certificate.example account// + + # Zone level import. + $ terraform import cloudflare_access_mutual_tls_certificate.example zone// + cloudflare_access_organization: + subCategory: "" + description: A Zero Trust organization defines the user login experience. + name: cloudflare_access_organization + title: cloudflare_access_organization Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "auth_domain": "example.cloudflareaccess.com", + "is_ui_read_only": false, + "login_design": [ + { + "background_color": "#ffffff", + "footer_text": "My footer text", + "header_text": "My header text", + "logo_path": "https://example.com/logo.png", + "text_color": "#000000" + } + ], + "name": "example.cloudflareaccess.com" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + auth_domain: (String) The unique subdomain assigned to your Zero Trust organization. + background_color: (String) The background color on the login page. + footer_text: (String) The text at the bottom of the login page. + header_text: (String) The text at the top of the login page. + id: (String) The ID of this resource. + is_ui_read_only: (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + login_design: (Block List) (see below for nested schema) + logo_path: (String) The URL of the logo on the login page. + name: (String) The name of your Zero Trust organization. + text_color: (String) The text color on the login page. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - $ terraform import cloudflare_access_organization.example + cloudflare_access_policy: + subCategory: "" + description: Provides a Cloudflare Access Policy resource. Access Policies are used in conjunction with Access Applications to restrict access to a particular resource. + name: cloudflare_access_policy + title: cloudflare_access_policy Resource - Cloudflare + examples: + - name: test_policy + manifest: |- + { + "application_id": "cb029e245cfdd66dc8d2e570d5dd3322", + "decision": "allow", + "include": [ + { + "email": [ + "test@example.com" + ] + } + ], + "name": "staging policy", + "precedence": "1", + "require": [ + { + "email": [ + "test@example.com" + ] + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: test_policy + manifest: |- + { + "application_id": "cb029e245cfdd66dc8d2e570d5dd3322", + "decision": "allow", + "include": [ + { + "email": [ + "test@example.com" + ] + } + ], + "name": "staging policy", + "precedence": "1", + "require": [ + { + "ip": [ + "${var.office_ip}" + ] + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + any_valid_service_token: (Boolean) + application_id: (String) The ID of the application the policy is associated with. + approval_group: (Block List) (see below for nested schema) + approval_required: (Boolean) + approvals_needed: (Number) Number of approvals needed. + attribute_name: (String) + attribute_value: (String) + auth_method: (String) + azure: (Block List) (see below for nested schema) + certificate: (Boolean) + common_name: (String) + decision: '(String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass.' + device_posture: (List of String) + email: (List of String) + email_addresses: (List of String) List of emails to request approval from. + email_domain: (List of String) + email_list_uuid: (String) + evaluate_url: (String) + everyone: (Boolean) + exclude: (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + external_evaluation: '(Block List, Max: 1) (see below for nested schema)' + geo: (List of String) + github: (Block List) (see below for nested schema) + group: (List of String) + gsuite: (Block List) (see below for nested schema) + id: (String) The ID of this resource. + identity_provider_id: (String) + include: '(Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema)' + ip: (List of String) + keys_url: (String) + login_method: (List of String) + name: (String) Friendly name of the Access Policy. + okta: (Block List) (see below for nested schema) + precedence: (Number) The unique precedence for policies on a single application. + purpose_justification_prompt: (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + purpose_justification_required: (Boolean) Whether to prompt the user for a justification for accessing the resource. + require: (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + saml: (Block List) (see below for nested schema) + service_token: (List of String) + teams: (List of String) + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - |- + # Account level import. + $ terraform import cloudflare_access_policy.example account/// + + # Zone level import. + $ terraform import cloudflare_access_policy.example zone/// + cloudflare_access_rule: + subCategory: "" + description: Provides a Cloudflare IP Firewall Access Rule resource. Access control can be applied on basis of IP addresses, IP ranges, AS numbers or countries. + name: cloudflare_access_rule + title: cloudflare_access_rule Resource - Cloudflare + examples: + - name: tor_exit_nodes + manifest: |- + { + "configuration": [ + { + "target": "country", + "value": "T1" + } + ], + "mode": "challenge", + "notes": "Requests coming from known Tor exit nodes", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: antarctica + manifest: |- + { + "configuration": [ + { + "target": "country", + "value": "AQ" + } + ], + "mode": "whitelist", + "notes": "Requests coming from Antarctica", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: office_network + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "configuration": [ + { + "target": "ip_range", + "value": "${element(var.my_office, count.index)}" + } + ], + "count": "${length(var.my_office)}", + "mode": "whitelist", + "notes": "Requests coming from office network" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + configuration: '(Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema)' + id: (String) The ID of this resource. + mode: '(String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge.' + notes: (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + target: '(String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource.' + value: (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - |- + # User level access rule import. + $ terraform import cloudflare_access_rule.default user// + + # Zone level access rule import. + $ terraform import cloudflare_access_rule.default zone// + + # Account level access rule import. + $ terraform import cloudflare_access_rule.default account// + cloudflare_access_service_token: + subCategory: "" + description: Access Service Tokens are used for service-to-service communication when an application is behind Cloudflare Access. + name: cloudflare_access_service_token + title: cloudflare_access_service_token Resource - Cloudflare + examples: + - name: my_app + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "CI/CD app" + } + - name: my_app + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "lifecycle": [ + { + "create_before_destroy": true + } + ], + "min_days_for_renewal": 30, + "name": "CI/CD app renewed" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + client_id: (String) UUID client ID associated with the Service Token. Modifying this attribute will force creation of a new resource. + client_secret: (String, Sensitive) A secret for interacting with Access protocols. Modifying this attribute will force creation of a new resource. + expires_at: (String) Date when the token expires. + id: (String) The ID of this resource. + min_days_for_renewal: (Number) Refresh the token if terraform is run within the specified amount of days before expiration. Defaults to 0. + name: (String) Friendly name of the token's intent. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - |- + # If you are importing an Access Service Token you will not have the + # client_secret available in the state for use. The client_secret is only + # available once, at creation. In most cases, it is better to just create a new + # resource should you need to reference it in other resources. + $ terraform import cloudflare_access_service_token.example / + cloudflare_account: + subCategory: "" + description: Provides a Cloudflare Account resource. Account is the basic resource for working with Cloudflare zones, teams and users. + name: cloudflare_account + title: cloudflare_account Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "enforce_twofactor": true, + "name": "some-enterprise-account", + "type": "enterprise" + } + argumentDocs: + enforce_twofactor: (Boolean) Whether 2FA is enforced on the account. Defaults to false. + id: (String) The ID of this resource. + name: (String) The name of the account that is displayed in the Cloudflare dashboard. + type: '(String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource.' + importStatements: + - $ terraform import cloudflare_account.example + cloudflare_account_member: + subCategory: "" + description: Provides a resource which manages Cloudflare account members. + name: cloudflare_account_member + title: cloudflare_account_member Resource - Cloudflare + examples: + - name: example_user + manifest: |- + { + "email_address": "user@example.com", + "role_ids": [ + "68b329da9893e34099c7d8ad5cb9c940", + "d784fa8b6d98d27699781bd9a7cf19f0" + ] + } + argumentDocs: + account_id: (String) Account ID to create the account member in. + email_address: (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + id: (String) The ID of this resource. + role_ids: (Set of String) List of account role IDs that you want to assign to a member. + status: '(String) A member''s status in the account. Available values: accepted, pending.' + importStatements: + - $ terraform import cloudflare_account_member.example / + cloudflare_api_shield: + subCategory: "" + description: Provides a resource to manage API Shield configurations. + name: cloudflare_api_shield + title: cloudflare_api_shield Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "auth_id_characteristics": [ + { + "name": "my-example-header", + "type": "header" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + auth_id_characteristics: (Block List) Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. (see below for nested schema) + id: (String) The ID of this resource. + name: (String) The name of the characteristic. + type: '(String) The type of characteristic. Available values: header, cookie.' + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_api_token: + subCategory: "" + description: Provides a resource which manages Cloudflare API tokens. Read more about permission groups and their applicable scopes in the developer documentation https://developers.cloudflare.com/api/tokens/create/permissions. + name: cloudflare_api_token + title: cloudflare_api_token Resource - Cloudflare + examples: + - name: api_token_create + manifest: |- + { + "condition": [ + { + "request_ip": [ + { + "in": [ + "192.0.2.1/32" + ], + "not_in": [ + "198.51.100.1/32" + ] + } + ] + } + ], + "name": "api_token_create", + "policy": [ + { + "expires_on": "2020-01-01T00:00:00Z", + "not_before": "2018-07-01T05:20:00Z", + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"API Tokens Write\"]}" + ], + "resources": { + "com.cloudflare.api.user.${var.user_id}": "*" + } + } + ] + } + - name: logs_account_all + manifest: |- + { + "name": "logs_account_all", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"Access: Audit Logs Read\"]}" + ], + "resources": { + "com.cloudflare.api.account.*": "*" + } + } + ] + } + - name: logs_account + manifest: |- + { + "name": "logs_account", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"Access: Audit Logs Read\"]}" + ], + "resources": { + "com.cloudflare.api.account.${var.account_id}": "*" + } + } + ] + } + - name: dns_tls_edit + manifest: |- + { + "name": "dns_tls_edit", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"DNS Write\"]}", + "${data.cloudflare_api_token_permission_groups.all.permissions[\"SSL and Certificates Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.zone.${var.zone_id}": "*" + } + } + ] + } + - name: dns_tls_edit_all_except_one + manifest: |- + { + "name": "dns_tls_edit_all_except_one", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"DNS Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.zone.*": "*" + } + }, + { + "effect": "deny", + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"DNS Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.zone.${var.zone_id}": "*" + } + } + ] + } + - name: dns_edit_all_account + manifest: |- + { + "name": "dns_edit_all_account", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"DNS Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.${var.account_id}": "${jsonencode({\n \"com.cloudflare.api.account.zone.*\" = \"*\"\n })}" + } + } + ] + } + argumentDocs: + condition: '(Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema)' + effect: '(String) Effect of the policy. Available values: allow, deny. Defaults to allow.' + expires_on: (String) The expiration time on or after which the token MUST NOT be accepted for processing. + id: (String) The ID of this resource. + in: (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + issued_on: (String) Timestamp of when the token was issued. + modified_on: (String) Timestamp of when the token was last modified. + name: (String) Name of the API Token. + not_before: (String) The time before which the token MUST NOT be accepted for processing. + not_in: (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + permission_groups: (Set of String) List of permissions groups IDs. See documentation for more information. + policy: '(Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema)' + request_ip: '(Block List, Max: 1) Request IP related conditions. (see below for nested schema)' + resources: (Map of String) Describes what operations against which resources are allowed or denied. + status: (String) + value: (String, Sensitive) The value of the API Token. + importStatements: [] + cloudflare_argo: + subCategory: "" + description: Cloudflare Argo controls the routing to your origin and tiered caching options to speed up your website browsing experience. + name: cloudflare_argo + title: cloudflare_argo Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "smart_routing": "on", + "tiered_caching": "on", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + id: (String) The ID of this resource. + smart_routing: '(String) Whether smart routing is enabled. Available values: on, off.' + tiered_caching: '(String) Whether tiered caching is enabled. Available values: on, off.' + zone_id: (String) The zone identifier to target for the resource. + importStatements: + - $ terraform import cloudflare_argo.example + cloudflare_argo_tunnel: + subCategory: "" + description: Provides the ability to manage Cloudflare Argo Tunnels. + name: cloudflare_argo_tunnel + title: cloudflare_argo_tunnel + examples: + - name: example + manifest: |- + { + "account_id": "d41d8cd98f00b204e9800998ecf8427e", + "name": "my-tunnel", + "secret": "AQIDBAUGBwgBAgMEBQYHCAECAwQFBgcIAQIDBAUGBwg=" + } + argumentDocs: + account_id: '- (Required) The Cloudflare account ID that you wish to manage the Argo Tunnel on.' + cname: '- Usable CNAME for accessing the Argo Tunnel.' + d41d8cd98f00b204e9800998ecf8427e: is the account ID + fd2455cb-5fcc-4c13-8738-8d8d2605237f: is the Argo Tunnel UUID + name: '- (Required) A user-friendly name chosen when the tunnel is created. Cannot be empty.' + secret: '- (Required) 32 or more bytes, encoded as a base64 string. The Create Argo Tunnel endpoint sets this as the tunnel''s password. Anyone wishing to run the tunnel needs this password.' + tunnel_token: '- Token used by a connector to authenticate and run the tunnel.' + importStatements: [] + cloudflare_authenticated_origin_pulls: + subCategory: "" + description: Provides a Cloudflare Authenticated Origin Pulls resource. + name: cloudflare_authenticated_origin_pulls + title: cloudflare_authenticated_origin_pulls + examples: + - name: my_aop + manifest: |- + { + "enabled": true, + "zone_id": "${var.cloudflare_zone_id}" + } + dependencies: + cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-hostname", + "zone_id": "${var.cloudflare_zone_id}" + } + cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-zone", + "zone_id": "${var.cloudflare_zone_id}" + } + - name: my_per_zone_aop + manifest: |- + { + "authenticated_origin_pulls_certificate": "${cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop_cert.id}", + "enabled": true, + "zone_id": "${var.cloudflare_zone_id}" + } + references: + authenticated_origin_pulls_certificate: cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop_cert.id + dependencies: + cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-hostname", + "zone_id": "${var.cloudflare_zone_id}" + } + cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-zone", + "zone_id": "${var.cloudflare_zone_id}" + } + - name: my_per_hostname_aop + manifest: |- + { + "authenticated_origin_pulls_certificate": "${cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop_cert.id}", + "enabled": true, + "hostname": "aop.example.com", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + authenticated_origin_pulls_certificate: cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop_cert.id + dependencies: + cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-hostname", + "zone_id": "${var.cloudflare_zone_id}" + } + cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop_cert: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-zone", + "zone_id": "${var.cloudflare_zone_id}" + } + argumentDocs: + authenticated_origin_pulls_certificate: '- (Optional) The id of an uploaded Authenticated Origin Pulls certificate. If no hostname is provided, this certificate will be used zone wide as Per-Zone Authenticated Origin Pulls.' + enabled: '- (Required) Whether or not to enable Authenticated Origin Pulls on the given zone or hostname.' + hostname: '- (Optional) Specify a hostname to enable Per-Hostname Authenticated Origin Pulls on, using the provided certificate.' + zone_id: '- (Required) The zone ID to upload the certificate to.' + importStatements: [] + cloudflare_authenticated_origin_pulls_certificate: + subCategory: "" + description: Provides a Cloudflare Authenticated Origin Pulls certificate resource. + name: cloudflare_authenticated_origin_pulls_certificate + title: cloudflare_authenticated_origin_pulls_certificate + examples: + - name: my_per_zone_aop_cert + manifest: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-zone", + "zone_id": "${var.cloudflare_zone_id}" + } + - name: my_per_hostname_aop_cert + manifest: |- + { + "certificate": "-----INSERT CERTIFICATE-----", + "private_key": "-----INSERT PRIVATE KEY-----", + "type": "per-hostname", + "zone_id": "${var.cloudflare_zone_id}" + } + argumentDocs: + certificate: '- (Required) The public client certificate.' + private_key: '- (Required) The private key of the client certificate.' + type: '- (Required) The form of Authenticated Origin Pulls to upload the certificate to.' + zone_id: '- (Required) The zone ID to upload the certificate to.' + importStatements: [] + cloudflare_byo_ip_prefix: + subCategory: "" + description: Provides the ability to manage Bring-Your-Own-IP prefixes (BYOIP) which are used with or without Magic Transit. + name: cloudflare_byo_ip_prefix + title: cloudflare_byo_ip_prefix Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "advertisement": "on", + "description": "Example IP Prefix", + "prefix_id": "d41d8cd98f00b204e9800998ecf8427e" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + advertisement: '(String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off.' + description: (String) Description of the BYO IP prefix. + id: (String) The ID of this resource. + prefix_id: (String) The assigned Bring-Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_byo_ip_prefix.example / + cloudflare_certificate_pack: + subCategory: "" + description: Provides a Cloudflare Certificate Pack resource that is used to provision managed TLS certificates. + name: cloudflare_certificate_pack + title: cloudflare_certificate_pack Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "certificate_authority": "digicert", + "cloudflare_branding": false, + "hosts": [ + "example.com", + "sub.example.com" + ], + "type": "advanced", + "validation_method": "txt", + "validity_days": 30, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: example + manifest: |- + { + "certificate_authority": "lets_encrypt", + "cloudflare_branding": false, + "hosts": [ + "example.com", + "*.example.com" + ], + "type": "advanced", + "validation_method": "http", + "validity_days": 90, + "wait_for_active_status": true, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + certificate_authority: '(String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource.' + cloudflare_branding: (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + cname_name: (String) + cname_target: (String) + emails: (List of String) + hosts: '(Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let''s Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource.' + http_body: (String) + http_url: (String) + id: (String) The ID of this resource. + message: (String) + txt_name: (String) + txt_value: (String) + type: '(String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource.' + validation_errors: (Block List) (see below for nested schema) + validation_method: '(String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource.' + validation_records: (Block List) (see below for nested schema) + validity_days: '(Number) How long the certificate is valid for. Note: If using Let''s Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource.' + wait_for_active_status: (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_certificate_pack.example 1d5fdc9e88c8a8c4518b068cd94331fe/8fda82e2-6af9-4eb2-992a-5ab65b792ef1 + cloudflare_custom_hostname: + subCategory: "" + description: Provides a Cloudflare custom hostname (also known as SSL for SaaS) resource. + name: cloudflare_custom_hostname + title: cloudflare_custom_hostname Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "hostname": "hostname.example.com", + "ssl": [ + { + "method": "txt" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + certificate_authority: (String) + ciphers: (Set of String) List of SSL/TLS ciphers to associate with this certificate. + cname_name: (String) + cname_target: (String) + custom_certificate: (String) If a custom uploaded certificate is used. + custom_key: (String) The key for a custom uploaded certificate. + custom_metadata: (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + custom_origin_server: (String) The custom origin server used for certificates. + custom_origin_sni: (String) The custom origin SNI used for certificates. + early_hints: '(String) Whether early hints should be supported. Available values: on, off.' + emails: (List of String) + hostname: (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + http_body: (String) + http_url: (String) + http2: '(String) Whether HTTP2 should be supported. Available values: on, off.' + id: (String) The ID of this resource. + message: (String) + method: '(String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email.' + min_tls_version: '(String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3.' + ownership_verification: (Map of String) + ownership_verification_http: (Map of String) + settings: (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + ssl: (Block List) SSL configuration of the certificate. (see below for nested schema) + status: (String) Status of the certificate. + tls13: '(String) Whether TLSv1.3 should be supported. Available values: on, off.' + txt_name: (String) + txt_value: (String) + type: '(String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv.' + validation_errors: (List of Object) (see below for nested schema) + validation_records: (List of Object) (see below for nested schema) + wait_for_ssl_pending_validation: (Boolean) Whether to wait for a custom hostname SSL sub-object to reach status pending_validation during creation. Defaults to false. + wildcard: (Boolean) Indicates whether the certificate covers a wildcard. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_custom_hostname.example 1d5fdc9e88c8a8c4518b068cd94331fe/0d89c70d-ad9f-4843-b99f-6cc0252067e9 + cloudflare_custom_hostname_fallback_origin: + subCategory: "" + description: Provides a Cloudflare custom hostname fallback origin resource. + name: cloudflare_custom_hostname_fallback_origin + title: cloudflare_custom_hostname_fallback_origin + examples: + - name: fallback_origin + manifest: |- + { + "origin": "fallback.example.com", + "zone_id": "d41d8cd98f00b204e9800998ecf8427e" + } + argumentDocs: + origin: '- (Required) Hostname you intend to fallback requests to. Origin must be a proxied A/AAAA/CNAME DNS record within Clouldflare.' + status: '- Status of the fallback origin''s activation.' + zone_id: '- (Required) The DNS zone ID where the custom hostname should be assigned.' + importStatements: [] + cloudflare_custom_pages: + subCategory: "" + description: Provides a resource which manages Cloudflare custom pages. + name: cloudflare_custom_pages + title: cloudflare_custom_pages + examples: + - name: basic_challenge + manifest: |- + { + "state": "customized", + "type": "basic_challenge", + "url": "https://example.com/challenge.html", + "zone_id": "d41d8cd98f00b204e9800998ecf8427e" + } + argumentDocs: + account_id: |- + - (Optional) The account ID where the custom pages should be + updated. Either account_id or zone_id must be provided. If + account_id is present, it will override the zone setting. + customPageLevel: '- Either account or zone.' + identifier: '- The ID of the account or zone you intend to manage.' + pageType: '- The value from the type argument.' + state: |- + - (Required) Managed state of the custom page. Must be one of + default, customized. If the value is default it will be removed + from the Terraform state management. + type: |- + - (Required) The type of custom page you wish to update. Must + be one of basic_challenge, waf_challenge, waf_block, + ratelimit_block, country_challenge, ip_block, under_attack, + 500_errors, 1000_errors, always_online, managed_challenge. + url: '- (Required) URL of where the custom page source is located.' + zone_id: |- + - (Optional) The zone ID where the custom pages should be + updated. Either zone_id or account_id must be provided. + importStatements: [] + cloudflare_custom_ssl: + subCategory: "" + description: Provides a Cloudflare custom SSL resource. + name: cloudflare_custom_ssl + title: cloudflare_custom_ssl + examples: + - name: foossl + manifest: |- + { + "custom_ssl_options": [ + {} + ], + "zone_id": "${var.cloudflare_zone_id}" + } + argumentDocs: + bundle_method: '- (Optional) Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values are ubiquitous (default), optimal, force.' + certificate: '- (Required) Certificate certificate and the intermediate(s)' + custom_ssl_options: '- (Required) The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.' + geo_restrictions: '- (Optional) Specifies the region where your private key can be held locally. Valid values are us, eu, highest_security.' + private_key: '- (Required) Certificate''s private key' + type: '- (Optional) Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values are legacy_custom (default), sni_custom.' + zone_id: '- (Required) The DNS zone id to the custom ssl cert should be added.' + importStatements: [] + cloudflare_device_policy_certificates: + subCategory: "" + description: Provides a Cloudflare Device Policy Certificates resource. + name: cloudflare_device_policy_certificates + title: cloudflare_device_policy_certificates + examples: + - name: example + manifest: |- + { + "enabled": true, + "zone_id": "1d5fdc9e88c8a8c4518b068cd94331fe" + } + argumentDocs: + enabled: '- (Required) True if certificate generation is enabled.' + id: '- ID of the device policy certificates setting.' + zone_id: '- (Required) The zone ID where certificate generation is allowed.' + importStatements: [] + cloudflare_device_posture_integration: + subCategory: "" + description: Provides a Cloudflare Device Posture Integration resource. + name: cloudflare_device_posture_integration + title: cloudflare_device_posture_integration + examples: + - name: third_party_devices_posture_integration + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "config": [ + { + "api_url": "https://example.com/api", + "auth_url": "https://example.com/connect/token", + "client_id": "client-id", + "client_secret": "client-secret" + } + ], + "interval": "24h", + "name": "Device posture integration", + "type": "workspace_one" + } + argumentDocs: + account_id: '- (Required) The account to which the device posture integration should be added.' + api_url: '- (Required) The third-party API''s URL.' + auth_url: '- (Required) The third-party authorization API URL.' + client_id: '- (Required) The client identifier for authenticating API calls.' + client_key: '- (Required) The client key for authenticating API calls.' + client_secret: '- (Required) The client secret for authenticating API calls.' + config: '- (Required) The device posture integration''s connection authorization parameters.' + customer_id: '- (Required) The customer identifier for authenticating API calls.' + id: '- ID of the device posture integration.' + interval: |- + - (Optional) Indicates the frequency with which to poll the third-party API. + Must be in the format "1h" or "30m". Valid units are h and m. + name: '- (Optional) Name of the device posture integration.' + type: '- (Required) The device posture integration type. Valid values are workspace_one.' + importStatements: [] + cloudflare_device_posture_rule: + subCategory: "" + description: Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks. + name: cloudflare_device_posture_rule + title: cloudflare_device_posture_rule Resource - Cloudflare + examples: + - name: eaxmple + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "description": "Device posture rule for corporate devices.", + "expiration": "24h", + "input": [ + { + "id": "${cloudflare_teams_list.corporate_devices.id}", + "operator": "\u003c", + "os_distro_name": "ubuntu", + "os_distro_revision": "1.0.0", + "version": "1.0.0" + } + ], + "match": [ + { + "platform": "linux" + } + ], + "name": "Corporate devices posture rule", + "schedule": "24h", + "type": "os_version" + } + references: + input.id: cloudflare_teams_list.corporate_devices.id + argumentDocs: + account_id: (String) The account identifier to target for the resource. + compliance_status: (String) The workspace one device compliance status. + connection_id: (String) The workspace one connection id. + description: (String) + domain: (String) The domain that the client must join. + enabled: (Boolean) True if the firewall must be enabled. + exists: (Boolean) Checks if the file should exist. + expiration: (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + id: (String) The ID of this resource. + input: (Block List) (see below for nested schema) + match: (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + name: (String) Name of the device posture rule. + operator: (String) The version comparison operator. + os_distro_name: (String) The operating system excluding version information. + os_distro_revision: (String) The operating system version excluding OS name information or release name. + path: (String) The path to the file. + platform: '(String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.' + require_all: (Boolean) True if all drives must be encrypted. + running: (Boolean) Checks if the application should be running. + schedule: (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + sha256: (String) The sha256 hash of the file. + thumbprint: (String) The thumbprint of the file certificate. + type: '(String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id.' + version: (String) The operating system semantic version. + importStatements: + - $ terraform import cloudflare_device_posture_rule.example / + cloudflare_device_settings_policy: + subCategory: "" + description: Provides a Cloudflare Device Settings Policy resource. Device policies configure settings applied to WARP devices. + name: cloudflare_device_settings_policy + title: cloudflare_device_settings_policy Resource - Cloudflare + examples: + - name: developer_warp_policy + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "allow_mode_switch": true, + "allow_updates": true, + "allowed_to_leave": true, + "auto_connect": 0, + "captive_portal": 5, + "default": false, + "disable_auto_fallback": true, + "enabled": true, + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers WARP settings policy", + "precedence": 10, + "service_mode_v2_mode": "warp", + "service_mode_v2_port": 3000, + "support_url": "https://cloudflare.com", + "switch_locked": true + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + allow_mode_switch: (Boolean) Whether to allow mode switch for this policy. + allow_updates: (Boolean) Whether to allow updates under this policy. + allowed_to_leave: (Boolean) Whether to allow devices to leave the organization. Defaults to true. + auto_connect: (Number) The amount of time in minutes to reconnect after having been disabled. + captive_portal: (Number) The captive portal value for this policy. Defaults to 180. + default: (Boolean) Whether the policy refers to the default account policy. + disable_auto_fallback: (Boolean) Whether to disable auto fallback for this policy. + enabled: (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + id: (String) The ID of this resource. + match: (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + name: (String) Name of the policy. + precedence: (Number) The precedence of the policy. Lower values indicate higher precedence. + service_mode_v2_mode: (String) The service mode. Defaults to warp. + service_mode_v2_port: (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + support_url: (String) The support URL that will be opened when sending feedback. + switch_locked: (Boolean) Enablement of the ZT client switch lock. + importStatements: + - |- + # For default device settings policies you must use "default" as the policy ID. + $ terraform import cloudflare_device_settings_policy.example / + cloudflare_dlp_profile: + subCategory: "" + description: Provides a Cloudflare DLP Profile resource. Data Loss Prevention profiles are a set of entries that can be matched in HTTP bodies or files. They are referenced in Zero Trust Gateway rules. + name: cloudflare_dlp_profile + title: cloudflare_dlp_profile Resource - Cloudflare + examples: + - name: example_predefined + manifest: |- + { + "account_id": "0da42c8d2132a9ddaf714f9e7c920711", + "entry": [ + { + "enabled": true, + "name": "Mastercard Card Number" + }, + { + "enabled": false, + "name": "Union Pay Card Number" + } + ], + "name": "Example Predefined Profile", + "type": "predefined" + } + - name: example_custom + manifest: |- + { + "account_id": "0da42c8d2132a9ddaf714f9e7c920711", + "description": "A profile with example entries", + "entry": [ + { + "enabled": true, + "name": "Matches visa credit cards", + "pattern": [ + { + "regex": "4d{3}([-. ])?d{4}([-. ])?d{4}([-. ])?d{4}", + "validation": "luhn" + } + ] + }, + { + "enabled": true, + "name": "Matches diners club card", + "pattern": [ + { + "regex": "(?:0[0-5]|[68][0-9])[0-9]{11}", + "validation": "luhn" + } + ] + } + ], + "name": "Example Custom Profile", + "type": "custom" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + description: (String) Brief summary of the profile and its intended use. + enabled: (Boolean) Whether the entry is active. Defaults to false. + entry: '(Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema)' + id: (String) The ID of this resource. + name: (String) Name of the profile. Modifying this attribute will force creation of a new resource. + pattern: '(Block List, Max: 1) (see below for nested schema)' + regex: (String) The regex that defines the pattern. + type: '(String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource.' + validation: (String) The validation algorithm to apply with this pattern. + importStatements: + - $ terraform import cloudflare_dlp_profile.example / + cloudflare_email_routing_address: + subCategory: "" + description: Provides a resource for managing Email Routing Addresses. + name: cloudflare_email_routing_address + title: cloudflare_email_routing_address Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "email": "user@example.com" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + created: (String) The date and time the destination address has been created. + email: (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + id: (String) The ID of this resource. + modified: (String) The date and time the destination address was last modified. + tag: (String) Destination address identifier. + verified: (String) The date and time the destination address has been verified. Null means not verified yet. + importStatements: [] + cloudflare_email_routing_catch_all: + subCategory: "" + description: Provides a resource for managing Email Routing Addresses catch all behaviour. + name: cloudflare_email_routing_catch_all + title: cloudflare_email_routing_catch_all Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "action": [ + { + "type": "forward", + "value": [ + "destinationaddress@example.net" + ] + } + ], + "enabled": true, + "matcher": [ + { + "type": "all" + } + ], + "name": "example catch all", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + action: '(Block Set, Min: 1) List actions patterns. (see below for nested schema)' + enabled: (Boolean) Routing rule status. + id: (String) The ID of this resource. + matcher: '(Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema)' + name: (String) Routing rule name. + tag: (String) Routing rule identifier. + type: '(String) Type of supported action. Available values: drop, forward, worker.' + value: (List of String) A list with items in the following form. + zone_id: (String) The zone identifier to target for the resource. + importStatements: [] + cloudflare_email_routing_rule: + subCategory: "" + description: Provides a resource for managing Email Routing rules. + name: cloudflare_email_routing_rule + title: cloudflare_email_routing_rule Resource - Cloudflare + examples: + - name: main + manifest: |- + { + "action": [ + { + "type": "forward", + "value": [ + "destinationaddress@example.net" + ] + } + ], + "enabled": true, + "matcher": [ + { + "field": "to", + "type": "literal", + "value": "test@example.com" + } + ], + "name": "terraform rule", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + action: '(Block Set, Min: 1) List actions patterns. (see below for nested schema)' + enabled: (Boolean) Routing rule status. + field: (String) Field for type matcher. + id: (String) The ID of this resource. + matcher: '(Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema)' + name: (String) Routing rule name. + priority: (Number) Priority of the routing rule. + tag: (String) Routing rule identifier. + type: (String) Type of supported action. + value: (List of String) An array with items in the following form. + zone_id: (String) The zone identifier to target for the resource. + importStatements: [] + cloudflare_email_routing_settings: + subCategory: "" + description: Provides a resource for managing Email Routing settings. + name: cloudflare_email_routing_settings + title: cloudflare_email_routing_settings Resource - Cloudflare + examples: + - name: my_zone + manifest: |- + { + "enabled": "true", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + created: (String) The date and time the settings have been created. + enabled: (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + id: (String) The ID of this resource. + modified: (String) The date and time the settings have been modified. + name: (String) Domain of your zone. + skip_wizard: (Boolean) Flag to check if the user skipped the configuration wizard. + status: (String) Show the state of your account, and the type or configuration error. + tag: (String) Email Routing settings identifier. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_fallback_domain: + subCategory: "" + description: Provides a Cloudflare Fallback Domain resource. Fallback domains are used to ignore DNS requests to a given list of domains. These DNS requests will be passed back to other DNS servers configured on existing network interfaces on the device. + name: cloudflare_fallback_domain + title: cloudflare_fallback_domain Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "domains": [ + { + "description": "Example domain", + "dns_server": [ + "192.0.2.0", + "192.0.2.1" + ], + "suffix": "example.com" + } + ] + } + dependencies: + cloudflare_device_settings_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "domains": [ + { + "description": "Example domain", + "dns_server": [ + "192.0.2.0", + "192.0.2.1" + ], + "suffix": "example.com" + } + ], + "dynamic": { + "domains": [ + { + "content": [ + { + "suffix": "${domains.value}" + } + ], + "for_each": "${toset([\"intranet\", \"internal\", \"private\", \"localdomain\", \"domain\", \"lan\", \"home\", \"host\", \"corp\", \"local\", \"localhost\", \"home.arpa\", \"invalid\", \"test\"])}" + } + ] + } + } + references: + dynamic.content.suffix: domains.value + dependencies: + cloudflare_device_settings_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "domains": [ + { + "description": "Example domain", + "dns_server": [ + "192.0.2.0", + "192.0.2.1" + ], + "suffix": "example.com" + } + ], + "policy_id": "${cloudflare_device_settings_policy.developer_warp_policy.id}" + } + references: + policy_id: cloudflare_device_settings_policy.developer_warp_policy.id + dependencies: + cloudflare_device_settings_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + description: (String) A description of the fallback domain, displayed in the client UI. + dns_server: (List of String) A list of IP addresses to handle domain resolution. + domains: '(Block Set, Min: 1) (see below for nested schema)' + id: (String) The ID of this resource. + policy_id: (String) The settings policy for which to configure this fallback domain policy. + suffix: (String) The domain suffix to match when resolving locally. + importStatements: + - |- + # Fallback Domains for default device policies must use "default" as the policy ID. + $ terraform import cloudflare_fallback_domain.example / + cloudflare_filter: + subCategory: "" + description: Filter expressions that can be referenced across multiple features, e.g. Firewall Rules. See what is a filter https://developers.cloudflare.com/firewall/api/cf-filters/what-is-a-filter/ for more details and available fields and operators. + name: cloudflare_filter + title: cloudflare_filter Resource - Cloudflare + examples: + - name: wordpress + manifest: |- + { + "description": "Wordpress break-in attempts that are outside of the office", + "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.src ne 192.0.2.1", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + description: (String) A note that you can use to describe the purpose of the filter. + expression: (String) The filter expression to be used. + id: (String) The ID of this resource. + paused: (Boolean) Whether this filter is currently paused. + ref: (String) Short reference tag to quickly select related rules. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_filter.example / + cloudflare_firewall_rule: + subCategory: "" + description: Define Firewall rules using filter expressions for more control over how traffic is matched to the rule. A filter expression permits selecting traffic by multiple criteria allowing greater freedom in rule creation. Filter expressions needs to be created first before using Firewall Rule. + name: cloudflare_firewall_rule + title: cloudflare_firewall_rule Resource - Cloudflare + examples: + - name: wordpress + manifest: |- + { + "action": "block", + "description": "Block wordpress break-in attempts", + "filter_id": "${cloudflare_filter.wordpress.id}", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + references: + filter_id: cloudflare_filter.wordpress.id + dependencies: + cloudflare_filter.wordpress: |- + { + "description": "Wordpress break-in attempts that are outside of the office", + "expression": "(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.src ne 192.0.2.1", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + action: '(String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass.' + description: (String) A description of the rule to help identify it. + filter_id: (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + id: (String) The ID of this resource. + paused: (Boolean) Whether this filter based firewall rule is currently paused. + priority: (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + products: '(Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf.' + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_firewall_rule.example / + cloudflare_gre_tunnel: + subCategory: "" + description: Provides a resource which manages GRE tunnels for Magic Transit. + name: cloudflare_gre_tunnel + title: cloudflare_gre_tunnel + examples: + - name: example + manifest: |- + { + "account_id": "c4a7362d577a6c3019a474fd6f485821", + "cloudflare_gre_endpoint": "203.0.113.1", + "customer_gre_endpoint": "203.0.113.1", + "description": "Tunnel for ISP X", + "health_check_enabled": true, + "health_check_target": "203.0.113.1", + "health_check_type": "reply", + "interface_address": "192.0.2.0/31", + "mtu": 1476, + "name": "GRE_1", + "ttl": 64 + } + argumentDocs: + account_id: '- (Required) The ID of the account where the tunnel is being created.' + cloudflare_gre_endpoint: '- (Required) The IP address assigned to the Cloudflare side of the GRE tunnel.' + customer_gre_endpoint: '- (Required) The IP address assigned to the customer side of the GRE tunnel.' + description: '- (Optional) An optional description of the GRE tunnel.' + health_check_enabled: '- (Optional) Specifies if ICMP tunnel health checks are enabled Default: true.' + health_check_target: '- (Optional) The IP address of the customer endpoint that will receive tunnel health checks. Default: .' + health_check_type: '- (Optional) Specifies the ICMP echo type for the health check (request or reply) Default: reply.' + interface_address: '- (Required) 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel.' + mtu: '- (Optional) Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. Maximum value 1476 and minimum value 576. Default: 1476.' + name: '- (Required) Name of the GRE tunnel.' + ttl: '- (Optional) Time To Live (TTL) in number of hops of the GRE tunnel. Minimum value 64. Default: 64.' + importStatements: [] + cloudflare_healthcheck: + subCategory: "" + description: Standalone Health Checks provide a way to monitor origin servers without needing a Cloudflare Load Balancer. + name: cloudflare_healthcheck + title: cloudflare_healthcheck Resource - Cloudflare + examples: + - name: http_health_check + manifest: |- + { + "address": "example.com", + "allow_insecure": false, + "check_regions": [ + "WEU", + "EEU" + ], + "consecutive_fails": 3, + "consecutive_successes": 2, + "description": "example http health check", + "expected_body": "alive", + "expected_codes": [ + "2xx", + "301" + ], + "follow_redirects": true, + "header": [ + { + "header": "Host", + "values": [ + "example.com" + ] + } + ], + "interval": 60, + "method": "GET", + "name": "http-health-check", + "path": "/health", + "port": "443", + "retries": 2, + "suspended": false, + "timeout": 10, + "type": "HTTPS", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + - name: tcp_health_check + manifest: |- + { + "address": "example.com", + "check_regions": [ + "WEU", + "EEU" + ], + "consecutive_fails": 3, + "consecutive_successes": 2, + "description": "example tcp health check", + "interval": 60, + "method": "connection_established", + "name": "tcp-health-check", + "port": "22", + "retries": 2, + "suspended": false, + "timeout": 10, + "type": "TCP", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + address: (String) The hostname or IP address of the origin server to run health checks on. + allow_insecure: (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + check_regions: '(List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS.' + consecutive_fails: (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + consecutive_successes: (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + create: (String) + created_on: (String) Creation time. + description: (String) A human-readable description of the health check. + expected_body: (String) A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + expected_codes: (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + follow_redirects: (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + header: (Block Set) The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. (see below for nested schema) + id: (String) The ID of this resource. + interval: (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + method: '(String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD.' + modified_on: (String) Last modified time. + name: (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + path: (String) The endpoint path to health check against. Defaults to /. + port: (Number) Port number to connect to for the health check. Defaults to 80. + retries: (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + suspended: (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + timeout: (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + timeouts: (Block, Optional) (see below for nested schema) + type: '(String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS.' + values: (Set of String) A list of string values for the header. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - |- + # Use the Zone ID and Healthcheck ID to import. + $ terraform import cloudflare_healthcheck.example / + cloudflare_ip_list: + subCategory: "" + description: Provides IP Lists to be used in Firewall Rules across all zones within the same account. + name: cloudflare_ip_list + title: cloudflare_ip_list + examples: + - name: example + manifest: |- + { + "account_id": "d41d8cd98f00b204e9800998ecf8427e", + "description": "list description", + "item": [ + { + "comment": "Office IP", + "value": "192.0.2.1" + }, + { + "comment": "Datacenter range", + "value": "203.0.113.0/24" + } + ], + "kind": "ip", + "name": "example_list" + } + argumentDocs: + account_id: '- (Required) The ID of the account where the IP List is being created.' + comment: '- (Optional) A note that can be used to annotate the item.' + description: '- (Optional) A note that can be used to annotate the List. Maximum Length: 500' + kind: '- (Required) The kind of values in the List. Valid values: ip.' + name: '- (Required) The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50' + value: '- (Required) The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 CIDRs are limited to a maximum of /64.' + importStatements: [] + cloudflare_ipsec_tunnel: + subCategory: "" + description: Provides a resource, that manages IPsec tunnels for Magic Transit. + name: cloudflare_ipsec_tunnel + title: cloudflare_ipsec_tunnel Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "allow_null_cipher": false, + "cloudflare_endpoint": "203.0.113.1", + "customer_endpoint": "203.0.113.1", + "description": "Tunnel for ISP X", + "health_check_enabled": true, + "health_check_target": "203.0.113.1", + "health_check_type": "reply", + "interface_address": "192.0.2.0/31", + "name": "IPsec_1", + "psk": "asdf12341234" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + allow_null_cipher: (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + cloudflare_endpoint: (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + customer_endpoint: (String) IP address assigned to the customer side of the IPsec tunnel. + description: (String) An optional description of the IPsec tunnel. + fqdn_id: (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + health_check_enabled: '(Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true.' + health_check_target: '(String) The IP address of the customer endpoint that will receive tunnel health checks. Default: .' + health_check_type: '(String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply.' + hex_id: (String) remote_id as a hex string. This value is generated by cloudflare. + id: (String) The ID of this resource. + interface_address: (String) 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + name: (String) Name of the IPsec tunnel. + psk: (String, Sensitive) Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated. + remote_id: (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + user_id: (String) remote_id in the form of an email address. This value is generated by cloudflare. + importStatements: + - $ terraform import cloudflare_ipsec_tunnel.example / + cloudflare_list: + subCategory: "" + description: Provides Lists (IPs, Redirects) to be used in Edge Rules Engine across all zones within the same account. + name: cloudflare_list + title: cloudflare_list Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "description": "example IPs for a list", + "item": [ + { + "comment": "one", + "value": [ + { + "ip": "192.0.2.0" + } + ] + }, + { + "comment": "two", + "value": [ + { + "ip": "192.0.2.1" + } + ] + } + ], + "kind": "ip", + "name": "example list" + } + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "description": "example redirects for a list", + "item": [ + { + "comment": "one", + "value": [ + { + "redirect": [ + { + "source_url": "example.com/blog", + "target_url": "https://blog.example.com" + } + ] + } + ] + }, + { + "comment": "two", + "value": [ + { + "redirect": [ + { + "include_subdomains": "enabled", + "preserve_path_suffix": "disabled", + "preserve_query_string": "enabled", + "source_url": "example.com/foo", + "status_code": 301, + "subpath_matching": "enabled", + "target_url": "https://foo.example.com" + } + ] + } + ] + } + ], + "kind": "redirect", + "name": "example list" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + comment: (String) An optional comment for the item. + description: (String) An optional description of the list. + id: (String) The ID of this resource. + include_subdomains: '(String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled.' + ip: (String) + item: (Block Set) (see below for nested schema) + kind: (String) The type of items the list will contain. + name: (String) The name of the list. Modifying this attribute will force creation of a new resource. + preserve_path_suffix: '(String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled.' + preserve_query_string: '(String) Whether the redirect target url should keep the query string of the request''s url. Available values: disabled, enabled.' + redirect: (Block List) (see below for nested schema) + source_url: (String) The source url of the redirect. + status_code: (Number) The status code to be used when redirecting a request. + subpath_matching: '(String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled.' + target_url: (String) The target url of the redirect. + value: '(Block List, Min: 1, Max: 1) (see below for nested schema)' + importStatements: + - $ terraform import cloudflare_list.example / + cloudflare_load_balancer: + subCategory: "" + description: Provides a Cloudflare Load Balancer resource. This sits in front of a number of defined pools of origins and provides various options for geographically-aware load balancing. Note that the load balancing feature must be enabled in your Cloudflare account before you can use this resource. + name: cloudflare_load_balancer + title: cloudflare_load_balancer Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "country_pools": [ + { + "country": "US", + "pool_ids": [ + "${cloudflare_load_balancer_pool.example.id}" + ] + } + ], + "default_pool_ids": [ + "${cloudflare_load_balancer_pool.example.id}" + ], + "description": "example load balancer using geo-balancing", + "fallback_pool_id": "${cloudflare_load_balancer_pool.example.id}", + "name": "example-load-balancer.example.com", + "pop_pools": [ + { + "pool_ids": [ + "${cloudflare_load_balancer_pool.example.id}" + ], + "pop": "LAX" + } + ], + "proxied": true, + "region_pools": [ + { + "pool_ids": [ + "${cloudflare_load_balancer_pool.example.id}" + ], + "region": "WNAM" + } + ], + "rules": [ + { + "condition": "http.request.uri.path contains \"testing\"", + "fixed_response": [ + { + "content_type": "html", + "location": "www.example.com", + "message_body": "hello", + "status_code": 200 + } + ], + "name": "example rule" + } + ], + "steering_policy": "geo", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + references: + fallback_pool_id: cloudflare_load_balancer_pool.example.id + dependencies: + cloudflare_load_balancer_pool.example: |- + { + "name": "example-lb-pool", + "origins": [ + { + "address": "192.0.2.1", + "enabled": false, + "name": "example-1" + } + ] + } + argumentDocs: + adaptive_routing: (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + condition: (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + content_type: (String) The value of the HTTP context-type header for this fixed response. + country: (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + country_pools: (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + created_on: (String) The RFC3339 timestamp of when the load balancer was created. + default_pool_ids: (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + default_pools: (List of String) See default_pool_ids. + default_weight: (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + description: (String) Free text description. + disabled: (Boolean) A disabled rule will not be executed. + drain_duration: (String) Configures the drain duration in seconds. This field is only used when session affinity is enabled on the load balancer. + enabled: (Boolean) Enable or disable the load balancer. Defaults to true. + failover_across_pools: (Boolean) Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + fallback_pool: (String) See fallback_pool_id. + fallback_pool_id: (String) The pool ID to use when all other pools are detected as unhealthy. + fixed_response: '(Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema)' + id: (String) The ID of this resource. + location: (String) The value of the HTTP location header for this fixed response. + location_strategy: (Block Set) Controls location-based steering for non-proxied requests. (see below for nested schema) + message_body: (String) The text used as the html body for this fixed response. + mode: '(String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop.' + modified_on: (String) The RFC3339 timestamp of when the load balancer was last modified. + name: (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + overrides: '(Block List) The load balancer settings to alter if this rule''s condition is true. Note: overrides or fixed_response must be set. (see below for nested schema)' + pool_ids: (List of String) A list of pool IDs in failover priority to use in the given country. + pool_weights: (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + pop: (String) A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + pop_pools: (Block Set) A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + prefer_ecs: '(String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity.' + priority: (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + proxied: (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + random_steering: (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + region: (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + region_pools: (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + rules: (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + samesite: '(String) Configures the SameSite attribute on session affinity cookie. Value Auto will be translated to Lax or None depending if Always Use HTTPS is enabled. Note: when using value None, then you can not set secure="Never". Available values: Auto, Lax, None, Strict.' + secure: '(String) Configures the Secure attribute on session affinity cookie. Value Always indicates the Secure attribute will be set in the Set-Cookie header, Never indicates the Secure attribute will not be set, and Auto will set the Secure attribute depending if Always Use HTTPS is enabled. Available values: Auto, Always, Never.' + session_affinity: '(String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client''s IP address. Available values: "", none, cookie, ip_cookie. Defaults to none.' + session_affinity_attributes: (Map of String) See session_affinity_attributes. + session_affinity_ttl: (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + status_code: (Number) The HTTP status code used for this fixed response. + steering_policy: '(String) The method the load balancer uses to determine the route to your origin. Value off uses default_pool_ids. Value geo uses pop_pools/country_pools/region_pools. For non-proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools'' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "".' + terminates: '(Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true.' + ttl: (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + zero_downtime_failover: '(String) Configures the zero-downtime failover between origins within a pool when session affinity is enabled. Value none means no failover takes place for sessions pinned to the origin. Value temporary means traffic will be sent to another other healthy origin until the originally pinned origin is available; note that this can potentially result in heavy origin flapping. Value sticky means the session affinity cookie is updated and subsequent requests are sent to the new origin. This feature is currently incompatible with Argo, Tiered Cache, and Bandwidth Alliance. Available values: none, temporary, sticky.' + zone_id: (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_load_balancer.example / + cloudflare_load_balancer_monitor: + subCategory: "" + description: Provides a Cloudflare Load Balancer Monitor resource. + name: cloudflare_load_balancer_monitor + title: cloudflare_load_balancer_monitor + examples: + - name: http_monitor + manifest: |- + { + "allow_insecure": false, + "description": "example http load balancer", + "expected_body": "alive", + "expected_codes": "2xx", + "follow_redirects": true, + "header": [ + { + "header": "Host", + "values": [ + "example.com" + ] + } + ], + "interval": 60, + "method": "GET", + "path": "/health", + "probe_zone": "example.com", + "retries": 5, + "timeout": 7, + "type": "http" + } + - name: tcp_monitor + manifest: |- + { + "description": "example tcp load balancer", + "interval": 60, + "method": "connection_established", + "port": 8080, + "retries": 5, + "timeout": 7, + "type": "tcp" + } + argumentDocs: + account_id: (Optional) The account identifier to target for the resource. + allow_insecure: '- (Optional) Do not validate the certificate when monitor use HTTPS. Only valid if type is "http" or "https".' + created_on: '- The RFC3339 timestamp of when the load balancer monitor was created.' + description: '- (Optional) Free text description.' + expected_body: '- (Optional) A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if type is "http" or "https". Default: "".' + expected_codes: '- (Optional) The expected HTTP response code or code range of the health check. Eg 2xx. Only valid and required if type is "http" or "https".' + follow_redirects: '- (Optional) Follow redirects if returned by the origin. Only valid if type is "http" or "https".' + header: '- (Optional) The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. Fields documented below. Only valid if type is "http" or "https".' + id: '- Load balancer monitor ID.' + interval: '- (Optional) The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60.' + method: '- (Optional) The method to use for the health check. Valid values are any valid HTTP verb if type is "http" or "https", or connection_established if type is "tcp". Default: "GET" if type is "http" or "https", "connection_established" if type is "tcp", and empty otherwise.' + modified_on: '- The RFC3339 timestamp of when the load balancer monitor was last modified.' + path: '- (Optional) The endpoint path to health check against. Default: "/". Only valid if type is "http" or "https".' + port: '- The port number to use for the healthcheck, required when creating a TCP monitor. Valid values are in the range 0-65535.' + probe_zone: '- (Optional) Assign this monitor to emulate the specified zone while probing. Only valid if type is "http" or "https".' + retries: '- (Optional) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2.' + timeout: '- (Optional) The timeout (in seconds) before marking the health check as failed. Default: 5.' + type: '- (Optional) The protocol to use for the healthcheck. Currently supported protocols are ''HTTP'', ''HTTPS'', ''TCP'', ''UDP-ICMP'', ''ICMP-PING'', and ''SMTP''. Default: "http".' + values: '- (Required) A list of string values for the header.' + importStatements: [] + cloudflare_load_balancer_pool: + subCategory: "" + description: Provides a Cloudflare Load Balancer Pool resource. + name: cloudflare_load_balancer_pool + title: cloudflare_load_balancer_pool + examples: + - name: foo + manifest: |- + { + "description": "example load balancer pool", + "enabled": false, + "latitude": 55, + "load_shedding": [ + { + "default_percent": 55, + "default_policy": "random", + "session_percent": 12, + "session_policy": "hash" + } + ], + "longitude": -12, + "minimum_origins": 1, + "name": "example-pool", + "notification_email": "someone@example.com", + "origin_steering": [ + { + "policy": "random" + } + ], + "origins": [ + { + "address": "192.0.2.1", + "enabled": false, + "header": [ + { + "header": "Host", + "values": [ + "example-1" + ] + } + ], + "name": "example-1" + }, + { + "address": "192.0.2.2", + "header": [ + { + "header": "Host", + "values": [ + "example-2" + ] + } + ], + "name": "example-2" + } + ] + } + argumentDocs: + account_id: (Optional) The account identifier to target for the resource. + address: '- (Required) The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare.' + check_regions: '- (Optional) A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here.' + created_on: '- The RFC3339 timestamp of when the load balancer was created.' + default_percent: '- (Optional) Percent of traffic to shed 0 - 100.' + default_policy: '- (Optional) Method of shedding traffic "", "hash" or "random".' + description: '- (Optional) Free text description.' + enabled: '- (Optional) Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any).' + header: '- (Optional) The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below.' + id: '- ID for this load balancer pool.' + latitude: '- (Optional) The latitude this pool is physically located at; used for proximity steering. Values should be between -90 and 90.' + load_shedding: '- (Optional) Setting for controlling load shedding for this pool.' + longitude: '- (Optional) The longitude this pool is physically located at; used for proximity steering. Values should be between -180 and 180.' + minimum_origins: '- (Optional) The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1.' + modified_on: '- The RFC3339 timestamp of when the load balancer was last modified.' + monitor: '- (Optional) The ID of the Monitor to use for health checking origins within this pool.' + name: '- (Required) A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed.' + notification_email: '- (Optional) The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list.' + origin_steering: '- (Optional) Set an origin steering policy to control origin selection within a pool.' + origins: '- (Required) The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It''s a complex value. See description below.' + policy: '- (Optional) Either "random" (default) or "hash".' + session_percent: '- (Optional) Percent of session traffic to shed 0 - 100.' + session_policy: '- (Optional) Method of shedding session traffic "" or "hash".' + values: '- (Required) A list of string values for the header.' + weight: '- (Optional) The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1.' + importStatements: [] + cloudflare_logpull_retention: + subCategory: "" + description: Allows management of the Logpull Retention settings used to control whether or not to retain HTTP request logs. + name: cloudflare_logpull_retention + title: cloudflare_logpull_retention + examples: + - name: example + manifest: |- + { + "enabled": "true", + "zone_id": "fb54f084ca7f7b732d3d3ecbd8ef7bf2" + } + argumentDocs: + enabled: '- (Required) Whether you wish to retain logs or not.' + zone_id: '- (Required) The zone ID to apply the log retention to.' + importStatements: [] + cloudflare_logpush_job: + subCategory: "" + description: 'Provides a resource which manages Cloudflare Logpush jobs. For Logpush jobs pushing to Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic, this resource cannot be automatically created. In order to have this automated, you must have: cloudflare_logpush_ownership_challenge: Configured to generate the challenge to confirm ownership of the destination.Either manual inspection or another Terraform Provider to get the contents of the ownership_challenge_filename value from thecloudflare_logpush_ownership_challenge resource.cloudflare_logpush_job: Create and manage the Logpush Job itself.' + name: cloudflare_logpush_job + title: cloudflare_logpush_job Resource - Cloudflare + examples: + - name: http_requests + manifest: |- + { + "dataset": "http_requests", + "destination_conf": "r2://cloudflare-logs/http_requests/date={DATE}?account-id=${var.account_id}\u0026access-key-id=${cloudflare_api_token.logpush_r2_token.id}\u0026secret-access-key=${sha256(cloudflare_api_token.logpush_r2_token.value)}", + "enabled": true, + "logpull_options": "fields=ClientIP,ClientRequestHost,ClientRequestMethod,ClientRequestURI,EdgeEndTimestamp,EdgeResponseBytes,EdgeResponseStatus,EdgeStartTimestamp,RayID\u0026timestamps=rfc3339", + "name": "http_requests", + "zone_id": "${var.zone_id}" + } + references: + zone_id: var.zone_id + dependencies: + cloudflare_api_token.logpush_r2_token: |- + { + "name": "logpush_r2_token", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"Workers R2 Storage Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.*": "*" + } + } + ] + } + cloudflare_logpush_ownership_challenge.ownership_challenge: |- + { + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: example_job + manifest: |- + { + "dataset": "http_requests", + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "enabled": true, + "logpull_options": "fields=RayID,ClientIP,EdgeStartTimestamp\u0026timestamps=rfc3339", + "name": "My-logpush-job", + "ownership_challenge": "${data.aws_s3_bucket_object.challenge_file.body}", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + references: + ownership_challenge: data.aws_s3_bucket_object.challenge_file.body + dependencies: + cloudflare_api_token.logpush_r2_token: |- + { + "name": "logpush_r2_token", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"Workers R2 Storage Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.*": "*" + } + } + ] + } + cloudflare_logpush_ownership_challenge.ownership_challenge: |- + { + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: example_job + manifest: |- + { + "dataset": "http_requests", + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "enabled": true, + "frequency": "high", + "logpull_options": "fields=RayID,ClientIP,EdgeStartTimestamp\u0026timestamps=rfc3339", + "name": "My-logpush-job", + "ownership_challenge": "0000000000000", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + dependencies: + cloudflare_api_token.logpush_r2_token: |- + { + "name": "logpush_r2_token", + "policy": [ + { + "permission_groups": [ + "${data.cloudflare_api_token_permission_groups.all.permissions[\"Workers R2 Storage Write\"]}" + ], + "resources": { + "com.cloudflare.api.account.*": "*" + } + } + ] + } + cloudflare_logpush_ownership_challenge.ownership_challenge: |- + { + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + cloudflare_logpush_job: ': Create and manage the Logpush Job itself.' + cloudflare_logpush_ownership_challenge: |- + : Configured to generate the challenge + to confirm ownership of the destination. + dataset: '(String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events.' + destination_conf: (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + enabled: (Boolean) Whether to enable the job. + filter: (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + frequency: '(String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high.' + id: (String) The ID of this resource. + kind: '(String) The kind of logpush job to create. Available values: edge, instant-logs, "".' + logpull_options: (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + name: (String) The name of the logpush job to create. + ownership_challenge: (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + ownership_challenge_filename: value from thecloudflare_logpush_ownership_challenge resource. + zone_id: (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + importStatements: + - |- + # Import an account-scoped job. + $ terraform import cloudflare_logpush_job.example account// + + # Import a zone-scoped job. + $ terraform import cloudflare_logpush_job.example zone// + cloudflare_logpush_ownership_challenge: + subCategory: "" + description: Provides a resource which manages Cloudflare Logpush ownership challenges to use in a Logpush Job. + name: cloudflare_logpush_ownership_challenge + title: cloudflare_logpush_ownership_challenge + examples: + - name: example + manifest: |- + { + "destination_conf": "s3://my-bucket-path?region=us-west-2", + "zone_id": "d41d8cd98f00b204e9800998ecf8427e" + } + - name: example + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "destination_conf": "s3://my-bucket-path?region=us-west-2" + } + argumentDocs: + account_id: '- (Optional) The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required.' + destination_conf: '- (Required) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.' + ownership_challenge_filename: |- + - The filename of the ownership challenge which + contains the contents required for Logpush Job creation. + zone_id: '- (Optional) The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required.' + importStatements: [] + cloudflare_magic_firewall_ruleset: + subCategory: "" + description: Provides the ability to manage a Magic Firewall Ruleset and it's firewall rules which are used with Magic Transit. + name: cloudflare_magic_firewall_ruleset + title: cloudflare_magic_firewall_ruleset + examples: + - name: example + manifest: |- + { + "account_id": "d41d8cd98f00b204e9800998ecf8427e", + "description": "Global mitigations", + "name": "Magic Transit Ruleset", + "rules": [ + { + "action": "allow", + "description": "Allow TCP Ephemeral Ports", + "enabled": "true", + "expression": "tcp.dstport in { 32768..65535 }" + }, + { + "action": "block", + "description": "Block all", + "enabled": "true", + "expression": "ip.len \u003e= 0" + } + ] + } + argumentDocs: + account_id: '- (Required) The ID of the account where the ruleset is being created.' + action: '- (Required) Valid values: allow or block.' + description: '- (Optional) A note that can be used to annotate the ruleset.' + enabled: '- (Required) Whether the rule is enabled or not. Valid values: true or false.' + expression: '- (Required) A Firewall expression using Wireshark syntax.' + name: '- (Required) The name of the ruleset.' + importStatements: [] + cloudflare_managed_headers: + subCategory: "" + description: The Cloudflare Managed Headers https://developers.cloudflare.com/rules/transform/managed-transforms/ allows you to add or remove some predefined headers to one's requests or origin responses. + name: cloudflare_managed_headers + title: cloudflare_managed_headers Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "managed_request_headers": [ + { + "enabled": true, + "id": "add_true_client_ip_headers" + } + ], + "managed_response_headers": [ + { + "enabled": true, + "id": "remove_x-powered-by_header" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + enabled: (Boolean) Whether the headers rule is active. + id: (String) The ID of this resource. + managed_request_headers: (Block Set) The list of managed request headers. (see below for nested schema) + managed_response_headers: (Block Set) The list of managed response headers. (see below for nested schema) + zone_id: (String) The zone identifier to target for the resource. + importStatements: [] + cloudflare_notification_policy: + subCategory: "" + description: Provides a resource, that manages a notification policy for Cloudflare's products. The delivery mechanisms supported are email, webhooks, and PagerDuty. + name: cloudflare_notification_policy + title: cloudflare_notification_policy Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "alert_type": "universal_ssl_event_type", + "description": "Notification policy to alert when my SSL certificates are modified", + "email_integration": [ + { + "id": "myemail@example.com" + } + ], + "enabled": true, + "name": "Policy for SSL notification events", + "pagerduty_integration": [ + { + "id": "850129d136459401860572c5d964d27k" + } + ], + "webhooks_integration": [ + { + "id": "1860572c5d964d27aa0f379d13645940" + } + ] + } + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "alert_type": "health_check_status_notification", + "description": "Notification policy to alert on unhealthy Healthcheck status", + "email_integration": [ + { + "id": "myemail@example.com" + } + ], + "enabled": true, + "filters": [ + { + "health_check_id": [ + "699d98642c564d2e855e9661899b7252" + ], + "status": [ + "Unhealthy" + ] + } + ], + "name": "Policy for Healthcheck notification", + "pagerduty_integration": [ + { + "id": "850129d136459401860572c5d964d27k" + } + ], + "webhooks_integration": [ + { + "id": "1860572c5d964d27aa0f379d13645940" + } + ] + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + alert_type: '(String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime.' + created: (String) When the notification policy was created. + description: (String) Description of the notification policy. + email_integration: (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + enabled: (Boolean) The status of the notification policy. + event_source: (Set of String) Source configuration to alert on for pool or origin. + event_type: (Set of String) Stream event type to alert on. + filters: '(Block List, Max: 1) An optional nested block of filters that applies to the selected alert_type. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema)' + health_check_id: (Set of String) Identifier health check. Required when using filters.0.status. + id: (String) The ID of this resource. + input_id: (Set of String) Stream input id to alert on. + limit: '(Set of String) A numerical limit. Example: 100.' + modified: (String) When the notification policy was last modified. + name: (String) The name of the notification policy. + new_health: (Set of String) Health status to alert on for pool or origin. + packets_per_second: (Set of String) Packets per second threshold for dos alert. + pagerduty_integration: (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + pool_id: (Set of String) Load balancer pool identifier. + product: '(Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads.' + protocol: (Set of String) Protocol to alert on for dos. + requests_per_second: (Set of String) Requests per second threshold for dos alert. + services: (Set of String) + slo: '(Set of String) A numerical limit. Example: 99.9.' + status: (Set of String) Status to alert on. + target_host: (Set of String) Target host to alert on for dos. + target_zone_name: (Set of String) Target domain to alert on. + webhooks_integration: (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + zones: (Set of String) A list of zone identifiers. + importStatements: + - $ terraform import cloudflare_notification_policy.example / + cloudflare_notification_policy_webhooks: + subCategory: "" + description: Provides a resource to create and manage webhooks destinations for Cloudflare's notification policies. + name: cloudflare_notification_policy_webhooks + title: cloudflare_notification_policy_webhooks + examples: + - name: example + manifest: |- + { + "account_id": "c4a7362d577a6c3019a474fd6f485821", + "name": "Webhooks destination", + "secret": "my-secret", + "url": "https://example.com" + } + argumentDocs: + account_id: '- (Required) The ID of the account for which the webhook destination has to be connected.' + name: '- (Required) The name of the webhook destination.' + secret: |- + - (Optional) An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + Secrets are not returned in any API response body. + Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. + url: '- (Required) The URL of the webhook destinations.' + importStatements: [] + cloudflare_origin_ca_certificate: + subCategory: "" + description: Provides a Cloudflare Origin CA certificate used to protect traffic to your origin without involving a third party Certificate Authority. + name: cloudflare_origin_ca_certificate + title: cloudflare_origin_ca_certificate Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "csr": "${tls_cert_request.example.cert_request_pem}", + "hostnames": [ + "example.com" + ], + "request_type": "origin-rsa", + "requested_validity": 7 + } + references: + csr: tls_cert_request.example.cert_request_pem + dependencies: + tls_cert_request.example: |- + { + "key_algorithm": "${tls_private_key.example.algorithm}", + "private_key_pem": "${tls_private_key.example.private_key_pem}", + "subject": [ + { + "common_name": "", + "organization": "Terraform Test" + } + ] + } + tls_private_key.example: |- + { + "algorithm": "RSA" + } + argumentDocs: + certificate: (String) The Origin CA certificate. + csr: (String) The Certificate Signing Request. Must be newline-encoded. Modifying this attribute will force creation of a new resource. + expires_on: (String) The datetime when the certificate will expire. + hostnames: (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + id: (String) The ID of this resource. + min_days_for_renewal: (Number) Number of days prior to the expiry to trigger a renewal of the certificate if a Terraform operation is run. + request_type: '(String) The signature type desired on the certificate. Available values: origin-rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource.' + requested_validity: '(Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource.' + importStatements: + - $ terraform import cloudflare_origin_ca_certificate.example + cloudflare_page_rule: + subCategory: "" + description: Provides a Cloudflare page rule resource. + name: cloudflare_page_rule + title: cloudflare_page_rule + examples: + - name: foobar + manifest: |- + { + "actions": [ + { + "email_obfuscation": "on", + "minify": [ + { + "css": "on", + "html": "off", + "js": "on" + } + ], + "ssl": "flexible" + } + ], + "priority": 1, + "target": "sub.${var.cloudflare_zone}/page", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + - name: foobar + manifest: |- + { + "actions": [ + { + "cache_key_fields": [ + { + "cookie": [ + {} + ], + "header": [ + { + "exclude": [ + "origin" + ] + } + ], + "host": [ + {} + ], + "query_string": [ + { + "exclude": [ + "api_token" + ] + } + ], + "user": [ + { + "lang": true + } + ] + } + ] + } + ], + "priority": 1, + "target": "embed.${var.cloudflare_zone}/*.js", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + - name: foobar + manifest: |- + { + "actions": [ + { + "cache_key_fields": [ + { + "cookie": [ + { + "check_presence": [ + "wordpress_test_cookie" + ] + } + ], + "header": [ + { + "check_presence": [ + "header_present" + ], + "exclude": [ + "origin" + ], + "include": [ + "api-key", + "dnt" + ] + } + ], + "host": [ + { + "resolved": true + } + ], + "query_string": [ + { + "ignore": true + } + ], + "user": [ + { + "device_type": false, + "geo": true, + "lang": true + } + ] + } + ] + } + ], + "priority": 1, + "target": "${var.cloudflare_zone}/app/*", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + - name: test + manifest: |- + { + "actions": [ + { + "cache_ttl_by_status": [ + { + "codes": "200-299", + "ttl": 300 + }, + { + "codes": "300-399", + "ttl": 60 + }, + { + "codes": "400-403", + "ttl": -1 + }, + { + "codes": "404", + "ttl": 30 + }, + { + "codes": "405-499", + "ttl": -1 + }, + { + "codes": "500-599", + "ttl": 0 + } + ] + } + ], + "priority": 1, + "target": "${var.cloudflare_zone}/app/*", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + "-1": '- sets no-store, never save to cache' + "0": '- sets no-cache, saved to cache, but expired immediately (revalidate from origin every time)' + actions: '- (Required) The actions taken by the page rule, options given below.' + always_use_https: '- (Optional) Boolean of whether this action is enabled. Default: false.' + automatic_https_rewrites: '- (Optional) Whether this action is "on" or "off".' + browser_cache_ttl: '- (Optional) The Time To Live for the browser cache. 0 means ''Respect Existing Headers''' + browser_check: '- (Optional) Whether this action is "on" or "off".' + bypass_cache_on_cookie: '- (Optional) String value of cookie name to conditionally bypass cache the page.' + cache_by_device_type: '- (Optional) Whether this action is "on" or "off".' + cache_deception_armor: '- (Optional) Whether this action is "on" or "off".' + cache_key_fields: '- (Optional) Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description.' + cache_level: '- (Optional) Whether to set the cache level to "bypass", "basic", "simplified", "aggressive", or "cache_everything".' + cache_on_cookie: '- (Optional) String value of cookie name to conditionally cache the page.' + cache_ttl_by_status: '- (Optional) Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description.' + check_presence: '- (Optional, Array) Check for presence of specified cookies, without including their actual values.' + codes: '- (Required) A HTTP code (e.g. 404) or range of codes (e.g. 400-499)' + cookie: '- (Required, but allowed to be empty) Controls what cookies go into Cache Key:' + css: '- (Required) Whether CSS should be minified. Valid values are "on" or "off".' + device_type: '- (Optional, Boolean) true - classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults to false.' + disable_apps: '- (Optional) Boolean of whether this action is enabled. Default: false.' + disable_performance: '- (Optional) Boolean of whether this action is enabled. Default: false.' + disable_railgun: '- (Optional) Boolean of whether this action is enabled. Default: false.' + disable_security: '- (Optional) Boolean of whether this action is enabled. Default: false.' + disable_zaraz: '- (Optional) Boolean of whether this action is enabled. Default: false.' + edge_cache_ttl: '- (Optional) The Time To Live for the edge cache.' + email_obfuscation: '- (Optional) Whether this action is "on" or "off".' + exclude: '- (Optional, Array) Exclude these HTTP headers from Cache Key. Currently, only the Origin header can be excluded.' + explicit_cache_control: '- (Optional) Whether origin Cache-Control action is "on" or "off".' + forwarding_url: '- (Optional) The URL to forward to, and with what status. See below.' + geo: '- (Optional, Boolean) true - includes the client’s country, derived from the IP address; defaults to false.' + header: '- (Required, but allowed to be empty) Controls what HTTP headers go into Cache Key:' + host: '- (Required, but allowed to be empty) Controls which Host header goes into Cache Key:' + host_header_override: '- (Optional) Value of the Host header to send.' + html: '- (Required) Whether HTML should be minified. Valid values are "on" or "off".' + id: '- The page rule ID.' + ignore: '- (Optional, Boolean) false (default) - all query string parameters are used for Cache Key, unless explicitly excluded; true - all query string parameters are ignored; value should be false if any of exclude or include is non-empty.' + include: '- (Optional, Array) Use values of specified cookies in Cache Key.' + ip_geolocation: '- (Optional) Whether this action is "on" or "off".' + js: '- (Required) Whether Javascript should be minified. Valid values are "on" or "off".' + lang: '- (Optional, Boolean) true - includes the first language code contained in the Accept-Language header sent by the client; defaults to false.' + minify: '- (Optional) The configuration for HTML, CSS and JS minification. See below for full list of options.' + mirage: '- (Optional) Whether this action is "on" or "off".' + opportunistic_encryption: '- (Optional) Whether this action is "on" or "off".' + origin_error_page_pass_thru: '- (Optional) Whether this action is "on" or "off".' + polish: '- (Optional) Whether this action is "off", "lossless" or "lossy".' + priority: '- (Optional) The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation.' + query_string: '- (Required, but allowed to be empty) Controls which URL query string parameters go into the Cache Key.' + resolve_override: '- (Optional) Overridden origin server name.' + resolved: '- (Optional, Boolean) false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule).' + respect_strong_etag: '- (Optional) Whether this action is "on" or "off".' + response_buffering: '- (Optional) Whether this action is "on" or "off".' + rocket_loader: '- (Optional) Whether to set the rocket loader to "on", "off".' + security_level: '- (Optional) Whether to set the security level to "off", "essentially_off", "low", "medium", "high", or "under_attack".' + server_side_exclude: '- (Optional) Whether this action is "on" or "off".' + smart_errors: '- (Optional) Whether this action is "on" or "off".' + sort_query_string_for_cache: '- (Optional) Whether this action is "on" or "off".' + ssl: '- (Optional) Whether to set the SSL mode to "off", "flexible", "full", "strict", or "origin_pull".' + status: '- (Optional) Whether the page rule is active or disabled.' + status_code: '- (Required) The status code to use for the redirection.' + target: '- (Required) The URL pattern to target with the page rule.' + true_client_ip_header: '- (Optional) Whether this action is "on" or "off".' + ttl: '- (Required) Duration a resource lives in the Cloudflare cache.' + url: '- (Required) The URL to which the page rule should forward.' + user: '- (Required, but allowed to be empty) Controls which end user-related features go into the Cache Key.' + waf: '- (Optional) Whether this action is "on" or "off".' + zone_id: '- (Required) The DNS zone ID to which the page rule should be added.' + importStatements: [] + cloudflare_pages_domain: + subCategory: "" + description: Provides a resource for managing Cloudflare Pages domains. + name: cloudflare_pages_domain + title: cloudflare_pages_domain Resource - Cloudflare + examples: + - name: my-domain + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "domain": "example.com", + "project_name": "my-example-project" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + domain: (String) Custom domain. Modifying this attribute will force creation of a new resource. + id: (String) The ID of this resource. + project_name: (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + status: (String) Status of the custom domain. + importStatements: + - $ terraform import cloudflare_pages_domain.example // + cloudflare_pages_project: + subCategory: "" + description: Provides a resource which manages Cloudflare Pages projects. + name: cloudflare_pages_project + title: cloudflare_pages_project Resource - Cloudflare + examples: + - name: basic_project + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "this-is-my-project-01", + "production_branch": "main" + } + - name: build_config + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "build_config": [ + { + "build_command": "npm run build", + "destination_dir": "build", + "root_dir": "/", + "web_analytics_tag": "cee1c73f6e4743d0b5e6bb1a0bcaabcc", + "web_analytics_token": "021e1057c18547eca7b79f2516f06o7x" + } + ], + "name": "this-is-my-project-01", + "production_branch": "main" + } + - name: source_config + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "this-is-my-project-01", + "production_branch": "main", + "source": [ + { + "config": [ + { + "deployments_enabled": true, + "owner": "cloudflare", + "pr_comments_enabled": true, + "preview_branch_excludes": [ + "main", + "prod" + ], + "preview_branch_includes": [ + "dev", + "preview" + ], + "preview_deployment_setting": "custom", + "production_branch": "main", + "production_deployment_enabled": true, + "repo_name": "ninjakittens" + } + ], + "type": "github" + } + ] + } + - name: deployment_configs + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "deployment_configs": [ + { + "preview": [ + { + "compatibility_date": "2022-08-15", + "compatibility_flags": [ + "preview_flag" + ], + "d1_databases": { + "D1_BINDING": "445e2955-951a-4358-a35b-a4d0c813f63" + }, + "durable_object_namespaces": { + "DO_BINDING": "5eb63bbbe01eeed093cb22bb8f5acdc3" + }, + "environment_variables": { + "ENVIRONMENT": "preview" + }, + "kv_namespaces": { + "KV_BINDING": "5eb63bbbe01eeed093cb22bb8f5acdc3" + }, + "r2_buckets": { + "R2_BINDING": "some-bucket" + } + } + ], + "production": [ + { + "compatibility_date": "2022-08-16", + "compatibility_flags": [ + "production_flag", + "second flag" + ], + "d1_databases": { + "D1_BINDING_1": "445e2955-951a-4358-a35b-a4d0c813f63", + "D1_BINDING_2": "a399414b-c697-409a-a688-377db6433cd9" + }, + "durable_object_namespaces": { + "DO_BINDING_1": "5eb63bbbe01eeed093cb22bb8f5acdc3", + "DO_BINDING_2": "3cdca5f8bb22bc390deee10ebbb36be5" + }, + "environment_variables": { + "ENVIRONMENT": "production", + "OTHER_VALUE": "other value" + }, + "kv_namespaces": { + "KV_BINDING_1": "5eb63bbbe01eeed093cb22bb8f5acdc3", + "KV_BINDING_2": "3cdca5f8bb22bc390deee10ebbb36be5" + }, + "r2_buckets": { + "R2_BINDING_1": "some-bucket", + "R2_BINDING_2": "other-bucket" + } + } + ] + } + ], + "name": "this-is-my-project-01", + "production_branch": "main" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + build_command: (String) Command used to build project. + build_config: '(Block List, Max: 1) Configuration for the project build process. (see below for nested schema)' + compatibility_date: (String) Compatibility date used for Pages Functions. + compatibility_flags: (List of String) Compatibility flags used for Pages Functions. + config: '(Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema)' + created_on: (String) When the project was created. + d1_databases: (Map of String) D1 Databases used for Pages Functions. + deployment_configs: '(Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema)' + deployments_enabled: (Boolean) Toggle deployments on this repo. Defaults to true. + destination_dir: (String) Output directory of the build. + domains: (List of String) A list of associated custom domains for the project. + durable_object_namespaces: (Map of String) Durable Object namespaces used for Pages Functions. + environment_variables: (Map of String) Environment variables for Pages Functions. + id: (String) The ID of this resource. + kv_namespaces: (Map of String) KV namespaces used for Pages Functions. + name: (String) Name of the project. + owner: (String) Project owner username. + pr_comments_enabled: (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + preview: '(Block List, Max: 1) Configuration for preview deploys. (see below for nested schema)' + preview_branch_excludes: (List of String) Branches will be excluded from automatic deployment. + preview_branch_includes: (List of String) Branches will be included for automatic deployment. + preview_deployment_setting: (String) Preview Deployment Setting. Defaults to all. + production: '(Block List, Max: 1) Configuration for production deploys. (see below for nested schema)' + production_branch: (String) The name of the branch that is used for the production environment. + production_deployment_enabled: (Boolean) Enable production deployments. Defaults to true. + r2_buckets: (Map of String) R2 Buckets used for Pages Functions. + repo_name: (String) Project repository name. + root_dir: (String) Directory to run the command. + source: '(Block List, Max: 1) Configuration for the project source. (see below for nested schema)' + subdomain: (String) The Cloudflare subdomain associated with the project. + type: (String) Project host type. + web_analytics_tag: (String) The classifying tag for analytics. + web_analytics_token: (String) The auth token for analytics. + importStatements: + - $ terraform import cloudflare_pages_project.example / + cloudflare_rate_limit: + subCategory: "" + description: Provides a Cloudflare rate limit resource for a particular zone. + name: cloudflare_rate_limit + title: cloudflare_rate_limit + examples: + - name: example + manifest: |- + { + "action": [ + { + "mode": "simulate", + "response": [ + { + "body": "custom response body", + "content_type": "text/plain" + } + ], + "timeout": 43200 + } + ], + "bypass_url_patterns": [ + "${var.cloudflare_zone}/bypass1", + "${var.cloudflare_zone}/bypass2" + ], + "correlate": [ + { + "by": "nat" + } + ], + "description": "example rate limit for a zone", + "disabled": false, + "match": [ + { + "request": [ + { + "methods": [ + "GET", + "POST", + "PUT", + "DELETE", + "PATCH", + "HEAD" + ], + "schemes": [ + "HTTP", + "HTTPS" + ], + "url_pattern": "${var.cloudflare_zone}/*" + } + ], + "response": [ + { + "headers": [ + { + "name": "Host", + "op": "eq", + "value": "localhost" + }, + { + "name": "X-Example", + "op": "ne", + "value": "my-example" + } + ], + "origin_traffic": false, + "statuses": [ + 200, + 201, + 202, + 301, + 429 + ] + } + ] + } + ], + "period": 2, + "threshold": 2000, + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + action: '- (Required) The action to be performed when the threshold of matched traffic within the period defined is exceeded.' + body: '- (Required) The body to return, the content here should conform to the content_type.' + by: '- (Optional) If set to ''nat'', NAT support will be enabled for rate limiting.' + bypass_url_patterns: '- (Optional) URLs matching the patterns specified here will be excluded from rate limiting.' + content_type: '- (Required) The content-type of the body, must be one of: ''text/plain'', ''text/xml'', ''application/json''.' + correlate: '- (Optional) Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.' + description: '- (Optional) A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.' + disabled: '- (Optional) Whether this ratelimit is currently disabled. Default: false.' + headers: '- (Optional) block is a list of maps with the following attributes:' + id: '- The Rate limit ID.' + match: '- (Optional) Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below.' + methods: '- (Optional) HTTP Methods, can be a subset [''POST'',''PUT''] or all [''_ALL_'']. Default: [''_ALL_''].' + mode: '- (Required) The type of action to perform. Allowable values are ''simulate'', ''ban'', ''challenge'', ''js_challenge'' and ''managed_challenge''.' + name: '- (Required) The name of the response header to match.' + op: '- (Required) The operator when matching. Allowable values are ''eq'', ''ne'' where eq means equals, ne means not equals.' + origin_traffic: '- (Optional) Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default: true.' + period: '- (Required) The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400).' + request: '- (Optional) Matches HTTP requests (from the client to Cloudflare). See definition below.' + response: (Optional) Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage. This field is not required. + schemes: '- (Optional) HTTP Schemes, can be one [''HTTPS''], both [''HTTP'',''HTTPS''] or all [''_ALL_'']. Default: [''_ALL_''].' + statuses: '- (Optional) HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value.' + threshold: '- (Required) The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000).' + timeout: '- (Optional) The time in seconds as an integer to perform the mitigation action. This field is required if the mode is either simulate or ban. Must be the same or greater than the period (min: 1, max: 86400).' + url_pattern: '- (Optional) The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone. Default: ''_''.' + value: '- (Required) The value of the header, which will be exactly matched.' + zone_id: '- (Required) The DNS zone ID to apply rate limiting to.' + importStatements: [] + cloudflare_record: + subCategory: "" + description: Provides a Cloudflare record resource. + name: cloudflare_record + title: cloudflare_record + examples: + - name: foobar + manifest: |- + { + "name": "terraform", + "ttl": 3600, + "type": "A", + "value": "192.168.0.11", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + - name: _sip_tls + manifest: |- + { + "data": [ + { + "name": "terraform-srv", + "port": 443, + "priority": 0, + "proto": "_tls", + "service": "_sip", + "target": "example.com", + "weight": 0 + } + ], + "name": "_sip._tls", + "type": "SRV", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + ae36f999674d196762efcc5abb06b345: '- the zone ID' + allow_overwrite: '- (Optional) Allow creation of this record in Terraform to overwrite an existing record, if any. This does not affect the ability to update the record in Terraform and does not prevent other resources within Terraform or manual changes outside Terraform from overwriting this record. false by default. This configuration is not recommended for most environments.' + created_on: '- The RFC3339 timestamp of when the record was created' + d41d8cd98f00b204e9800998ecf8427e: '- record ID as returned by API' + data: '- (Optional) Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified' + hostname: '- The FQDN of the record' + id: '- The record ID' + metadata: '- A key-value map of string metadata Cloudflare associates with the record' + modified_on: '- The RFC3339 timestamp of when the record was last modified' + name: '- (Required) The name of the record' + priority: '- (Optional) The priority of the record' + proxiable: '- Shows whether this record can be proxied, must be true if setting proxied=true' + proxied: '- (Optional) Whether the record gets Cloudflare''s origin protection; defaults to false.' + ttl: '- (Optional) The TTL of the record (automatic: ''1'')' + type: '- (Required) The type of the record' + value: '- (Optional) The (string) value of the record. Either this or data must be specified' + zone_id: '- (Required) The DNS zone ID to add the record to' + importStatements: [] + cloudflare_ruleset: + subCategory: "" + description: The Cloudflare Ruleset Engine https://developers.cloudflare.com/firewall/cf-rulesets allows you to create and deploy rules and rulesets. The engine syntax, inspired by the Wireshark Display Filter language, is the same syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine in different products, allowing you to configure several products using the same basic syntax. + name: cloudflare_ruleset + title: cloudflare_ruleset Resource - Cloudflare + examples: + - name: magic_transit_example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "description": "example magic transit ruleset description", + "kind": "root", + "name": "account magic transit", + "phase": "magic_transit", + "rules": [ + { + "action": "allow", + "description": "Allow TCP Ephemeral Ports", + "expression": "tcp.dstport in { 32768..65535 }" + } + ] + } + - name: zone_level_managed_waf + manifest: |- + { + "description": "managed WAF ruleset description", + "kind": "zone", + "name": "managed WAF", + "phase": "http_request_firewall_managed", + "rules": [ + { + "action": "execute", + "action_parameters": [ + { + "id": "efb7b8c949ac4650a09736fc376e9aee" + } + ], + "description": "Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset", + "enabled": true, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: zone_level_managed_waf_with_category_based_overrides + manifest: |- + { + "description": "managed WAF with tag-based overrides ruleset description", + "kind": "zone", + "name": "managed WAF with tag-based overrides", + "phase": "http_request_firewall_managed", + "rules": [ + { + "action": "execute", + "action_parameters": [ + { + "id": "efb7b8c949ac4650a09736fc376e9aee", + "overrides": [ + { + "categories": [ + { + "action": "block", + "category": "wordpress", + "status": "enabled" + }, + { + "action": "block", + "category": "joomla", + "status": "enabled" + } + ] + } + ] + } + ], + "description": "overrides to only enable wordpress rules to block", + "enabled": false, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: transform_uri_rule_path + manifest: |- + { + "description": "change the URI path to a new static path", + "kind": "zone", + "name": "transform rule for URI path", + "phase": "http_request_transform", + "rules": [ + { + "action": "rewrite", + "action_parameters": [ + { + "uri": [ + { + "path": [ + { + "value": "/my-new-route" + } + ] + } + ] + } + ], + "description": "example URI path transform rule", + "enabled": true, + "expression": "(http.host eq \"example.com\" and http.request.uri.path eq \"/old-path\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: transform_uri_rule_query + manifest: |- + { + "description": "change the URI query to a new static query", + "kind": "zone", + "name": "transform rule for URI query parameter", + "phase": "http_request_transform", + "rules": [ + { + "action": "rewrite", + "action_parameters": [ + { + "uri": [ + { + "query": [ + { + "value": "old=new_again" + } + ] + } + ] + } + ], + "description": "URI transformation query example", + "enabled": true, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: transform_uri_http_headers + manifest: |- + { + "description": "modify HTTP headers before reaching origin", + "kind": "zone", + "name": "transform rule for HTTP headers", + "phase": "http_request_late_transform", + "rules": [ + { + "action": "rewrite", + "action_parameters": [ + { + "headers": [ + { + "name": "example-http-header-1", + "operation": "set", + "value": "my-http-header-value-1" + }, + { + "expression": "cf.zone.name", + "name": "example-http-header-2", + "operation": "set" + }, + { + "name": "example-http-header-3-to-remove", + "operation": "remove" + } + ] + } + ], + "description": "example request header transform rule", + "enabled": false, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: rate_limiting_example + manifest: |- + { + "description": "apply HTTP rate limiting for a route", + "kind": "zone", + "name": "restrict API requests count", + "phase": "http_ratelimit", + "rules": [ + { + "action": "block", + "description": "rate limit for API", + "enabled": true, + "expression": "(http.request.uri.path matches \"^/api/\")", + "ratelimit": [ + { + "characteristics": [ + "cf.colo.id", + "ip.src" + ], + "mitigation_timeout": 600, + "period": 60, + "requests_per_period": 100 + } + ] + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: http_origin_example + manifest: |- + { + "description": "Change origin for a route", + "kind": "zone", + "name": "Change to some origin", + "phase": "http_request_origin", + "rules": [ + { + "action": "route", + "action_parameters": [ + { + "host_header": "some.host", + "origin": [ + { + "host": "some.host", + "port": 80 + } + ] + } + ], + "description": "change origin to some.host", + "enabled": true, + "expression": "(http.request.uri.path matches \"^/api/\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: custom_fields_logging_example + manifest: |- + { + "description": "add custom fields to logging", + "kind": "zone", + "name": "log custom fields", + "phase": "http_log_custom_fields", + "rules": [ + { + "action": "log_custom_field", + "action_parameters": [ + { + "cookie_fields": [ + "__ga", + "accountNumber", + "__cfruid" + ], + "request_fields": [ + "content-type", + "x-forwarded-for", + "host" + ], + "response_fields": [ + "server", + "content-type", + "allow" + ] + } + ], + "description": "log custom fields rule", + "enabled": true, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: cache_settings_example + manifest: |- + { + "description": "set cache settings for the request", + "kind": "zone", + "name": "set cache settings", + "phase": "http_request_cache_settings", + "rules": [ + { + "action": "set_cache_settings", + "action_parameters": [ + { + "browser_ttl": [ + { + "mode": "respect_origin" + } + ], + "cache_key": [ + { + "cache_deception_armor": true, + "custom_key": [ + { + "cookie": [ + { + "check_presence": [ + "cabc_t", + "cdef_t" + ], + "include": [ + "cabc", + "cdef" + ] + } + ], + "header": [ + { + "check_presence": [ + "habc_t", + "hdef_t" + ], + "exclude_origin": true, + "include": [ + "habc", + "hdef" + ] + } + ], + "host": [ + { + "resolved": true + } + ], + "query_string": [ + { + "exclude": [ + "*" + ] + } + ], + "user": [ + { + "device_type": true, + "geo": false + } + ] + } + ], + "ignore_query_strings_order": false + } + ], + "edge_ttl": [ + { + "default": 60, + "mode": "override_origin", + "status_code_ttl": [ + { + "status_code": 200, + "value": 50 + }, + { + "status_code_range": [ + { + "from": 201, + "to": 300 + } + ], + "value": 30 + } + ] + } + ], + "origin_error_page_passthru": false, + "respect_strong_etags": true, + "serve_stale": [ + { + "disable_stale_while_updating": true + } + ] + } + ], + "description": "set cache settings rule", + "enabled": true, + "expression": "(http.host eq \"example.host.com\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: redirect_from_list_example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "description": "Redirect ruleset", + "kind": "root", + "name": "redirects", + "phase": "http_request_redirect", + "rules": [ + { + "action": "redirect", + "action_parameters": [ + { + "from_list": [ + { + "key": "http.request.full_uri", + "name": "redirect_list" + } + ] + } + ], + "description": "Apply redirects from redirect_list", + "enabled": true, + "expression": "http.request.full_uri in $redirect_list" + } + ] + } + - name: redirect_from_value_example + manifest: |- + { + "description": "Redirect ruleset", + "kind": "root", + "name": "redirects", + "phase": "http_request_dynamic_redirect", + "rules": [ + { + "action": "redirect", + "action_parameters": [ + { + "from_value": [ + { + "preserve_query_string": true, + "status_code": 301, + "target_url": [ + { + "value": "some_host.com" + } + ] + } + ] + } + ], + "description": "Apply redirect from value", + "enabled": true, + "expression": "(http.request.uri.path matches \"^/api/\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: http_custom_error_example + manifest: |- + { + "description": "Serve some error response", + "kind": "zone", + "name": "Serve some error response", + "phase": "http_custom_errors", + "rules": [ + { + "action": "serve_error", + "action_parameters": [ + { + "content": "some error html", + "content_type": "text/html", + "status_code": "530" + } + ], + "description": "serve some error response", + "enabled": true, + "expression": "(http.request.uri.path matches \"^/api/\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: http_config_rules_example + manifest: |- + { + "description": "set config rules for request", + "kind": "zone", + "name": "set config rules", + "phase": "http_config_settings", + "rules": [ + { + "action": "set_config", + "action_parameters": [ + { + "bic": true, + "email_obfuscation": true + } + ], + "description": "set config rules for matching request", + "enabled": true, + "expression": "(http.request.uri.path matches \"^/api/\")" + } + ], + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Conflicts with zone_id. + action: '(String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip.' + action_parameters: '(Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema)' + automatic_https_rewrites: (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + autominify: (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + bic: (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + browser_ttl: '(Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema)' + cache: (Boolean) Whether to cache if expression matches. + cache_by_device_type: (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + cache_deception_armor: (Boolean) Cache deception armor. + cache_key: '(Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema)' + categories: (Block List) List of tag-based overrides. (see below for nested schema) + category: (String) Tag name to apply the ruleset rule override to. + characteristics: (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + check_presence: (List of String) List of cookies to check for presence in the custom key. + content: (String) Content of the custom error response. + content_type: (String) Content-Type of the custom error response. + cookie: '(Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema)' + cookie_fields: (Set of String) List of cookie values to include as part of custom fields logging. + counting_expression: (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + css: (Boolean) SSL minification. + custom_key: '(Block List, Max: 1) Custom key parameters for the request. (see below for nested schema)' + default: (Number) Default browser TTL. + description: (String) Brief summary of the ruleset and its intended use. + device_type: (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + disable_apps: (Boolean) Turn off all active Cloudflare Apps. + disable_railgun: (Boolean) Turn off railgun feature of the Cloudflare Speed app. + disable_stale_while_updating: (Boolean) Disable stale while updating. + disable_zaraz: (Boolean) Turn off zaraz feature. + edge_ttl: '(Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema)' + email_obfuscation: (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + enabled: (Boolean) Whether the rule is active. + exclude: (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + exclude_origin: (Boolean) Exclude the origin header from the custom key. + exposed_credential_check: '(Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema)' + expression: (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + from: (Number) From status code. + from_list: '(Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema)' + from_value: '(Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema)' + geo: (Boolean) Add geo data to the custom key. + header: '(Block List, Max: 1) Header parameters for the custom key. (see below for nested schema)' + headers: (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + host: '(Block List, Max: 1) Host parameters for the custom key. (see below for nested schema)' + host_header: (String) Host Header that request origin receives. + hotlink_protection: (Boolean) Turn on or off the hotlink protection feature. + html: (Boolean) HTML minification. + id: (String) The ID of this resource. + ignore_query_strings_order: (Boolean) Ignore query strings order. + include: (List of String) List of cookies to include in the custom key. + increment: (Number) + js: (Boolean) JS minification. + key: (String) Expression to use for the list lookup. + kind: '(String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone.' + lang: (Boolean) Add language data to the custom key. + logging: '(Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema)' + matched-data-cli: command-line tool + matched_data: '(Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema)' + mirage: (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + mitigation_timeout: (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + mode: (String) Mode of the browser TTL. + name: (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + operation: '(String) Action to perform on the HTTP request header. Available values: remove, set.' + opportunistic_encryption: (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + origin: '(Block List, Max: 1) List of properties to change request origin. (see below for nested schema)' + origin_error_page_passthru: (Boolean) Pass-through error page for origin. + overrides: '(Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema)' + password_expression: (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + path: '(Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema)' + period: (Number) The period of time to consider (in seconds) when evaluating the request rate. + phase: '(String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings.' + phases: '(Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings.' + polish: (String) Apply options from the Polish feature of the Cloudflare Speed app. + port: (Number) Origin Port where request is sent. + preserve_query_string: (Boolean) Preserve query string for redirect URL. + products: '(Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.' + public_key: (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + query: '(Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema)' + query_string: '(Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema)' + ratelimit: '(Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema)' + ref: (String) Rule reference. + request_fields: (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + requests_per_period: (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + requests_to_origin: (Boolean) Whether to include requests to origin within the Rate Limiting count. + resolved: (Boolean) Resolve hostname to IP address. + respect_strong_etags: (Boolean) Respect strong ETags. + response: (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + response_fields: (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + rocket_loader: (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + rules: (Block List) List of rules to apply to the ruleset. (see below for nested schema) + ruleset: (String) Which ruleset ID to target. + rulesets: (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + score_threshold: (Number) Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. + security_level: (String) Control options for the Security Level feature from the Security app. + sensitivity_level: '(String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.' + serve_stale: '(Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema)' + server_side_excludes: (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + shareable_entitlement_name: (String) Name of entitlement that is shareable between entities. + sni: '(Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema)' + ssl: (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + status: '(String) Defines if the current ruleset-level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "".' + status_code: (Number) HTTP status code of the custom error response. + status_code_range: (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + status_code_ttl: (Block List) Edge TTL for the status codes. (see below for nested schema) + sxg: (Boolean) Turn on or off the SXG feature. + target_url: '(Block List, Max: 1) Target URL for redirect. (see below for nested schema)' + to: (Number) To status code. + uri: '(Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema)' + user: '(Block List, Max: 1) User parameters for the custom key. (see below for nested schema)' + username_expression: (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + value: (Number) Status code edge TTL value. + version: (String) Version of the ruleset to deploy. + zone_id: (String) The zone identifier to target for the resource. Conflicts with account_id. + importStatements: + - |- + # Import an account scoped Ruleset configuration. + $ terraform import cloudflare_ruleset.example account// + + # Import a zone scoped Ruleset configuration. + $ terraform import cloudflare_ruleset.example zone// + cloudflare_spectrum_application: + subCategory: "" + description: Provides a Cloudflare Spectrum Application resource. + name: cloudflare_spectrum_application + title: cloudflare_spectrum_application + examples: + - name: ssh_proxy + manifest: |- + { + "dns": [ + { + "name": "ssh.example.com", + "type": "CNAME" + } + ], + "origin_direct": [ + "tcp://109.151.40.129:22" + ], + "protocol": "tcp/22", + "traffic_type": "direct", + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + 9a7806061c88ada191ed06f989cc3dac: '- Application ID' + argo_smart_routing: '- (Optional). Enables Argo Smart Routing. Defaults to false.' + d41d8cd98f00b204e9800998ecf8427e: '- zone ID, as returned from API' + dns: '- (Required) The name and type of DNS record for the Spectrum application. Fields documented below.' + edge_ip_connectivity: '- (Optional). Choose which types of IP addresses will be provisioned for this subdomain. Valid values are: all, ipv4, ipv6. Defaults to all.' + edge_ips: '- (Optional). A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned.' + end: '- (Required) Upper bound of the origin port range, e.g. 2000' + id: '- Unique identifier in the API for the spectrum application.' + ip_firewall: '- (Optional) Enables the IP Firewall for this application. Defaults to true.' + name: '- (Required) The name of the DNS record associated with the application.i.e. ssh.example.com.' + origin_direct: '- (Optional) A list of destination addresses to the origin. e.g. tcp://192.0.2.1:22.' + origin_dns: '- (Optional) A destination DNS addresses to the origin. Fields documented below.' + origin_port: '- (Optional) If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22.' + origin_port_range: '- (Optional) If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below.' + protocol: '- (Required) The port configuration at Cloudflare’s edge. e.g. tcp/22.' + proxy_protocol: '- (Optional) Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off.' + start: '- (Required) Lower bound of the origin port range, e.g. 1000' + tls: '- (Optional) TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off.' + traffic_type: '- (Optional) Sets application type. Valid values are: direct, http, https. Defaults to direct.' + type: '- (Required) The type of DNS record associated with the application. Valid values: CNAME.' + zone_id: '- (Required) The DNS zone ID to add the application to' + importStatements: [] + cloudflare_split_tunnel: + subCategory: "" + description: Provides a Cloudflare Split Tunnel resource. Split tunnels are used to either include or exclude lists of routes from the WARP client's tunnel. + name: cloudflare_split_tunnel + title: cloudflare_split_tunnel Resource - Cloudflare + examples: + - name: example_split_tunnel_exclude + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "mode": "exclude", + "tunnels": [ + { + "description": "example domain", + "host": "*.example.com" + } + ] + } + dependencies: + cloudflare_device_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + - name: example_split_tunnel_include + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "mode": "include", + "tunnels": [ + { + "description": "example domain", + "host": "*.example.com" + } + ] + } + dependencies: + cloudflare_device_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + - name: example_device_policy_split_tunnel_exclude + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "mode": "exclude", + "policy_id": "${cloudflare_device_policy.developer_warp_policy.id}", + "tunnels": [ + { + "description": "example domain", + "host": "*.example.com" + } + ] + } + references: + policy_id: cloudflare_device_policy.developer_warp_policy.id + dependencies: + cloudflare_device_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + - name: example_split_tunnel_include + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "mode": "include", + "policy_id": "${cloudflare_device_policy.developer_warp_policy.id}", + "tunnels": [ + { + "description": "example domain", + "host": "*.example.com" + } + ] + } + references: + policy_id: cloudflare_device_policy.developer_warp_policy.id + dependencies: + cloudflare_device_policy.developer_warp_policy: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "match": "any(identity.groups.name[*] in {\"Developers\"})", + "name": "Developers", + "precedence": 10, + "switch_locked": true + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + address: (String) The address for the tunnel. + description: (String) A description for the tunnel. + host: (String) The domain name for the tunnel. + id: (String) The ID of this resource. + mode: '(String) The mode of the split tunnel policy. Available values: include, exclude.' + policy_id: (String) The settings policy for which to configure this split tunnel policy. + tunnels: '(Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema)' + importStatements: + - |- + # Split Tunnels for default device policies must use "default" as the policy ID. + $ terraform import cloudflare_split_tunnel.example // + cloudflare_static_route: + subCategory: "" + description: Provides a resource which manages Cloudflare static routes for Magic Transit or Magic WAN. + name: cloudflare_static_route + title: cloudflare_static_route + examples: + - name: example + manifest: |- + { + "account_id": "c4a7362d577a6c3019a474fd6f485821", + "colo_names": [ + "den01" + ], + "colo_regions": [ + "APAC" + ], + "description": "New route for new prefix 192.0.2.0/24", + "nexthop": "10.0.0.0", + "prefix": "192.0.2.0/24", + "priority": 100, + "weight": 10 + } + argumentDocs: + account_id: '- (Required) The ID of the account where the static route is being created.' + colo_names: '- (Optional) Optional list of Cloudflare colocation names for this static route.' + colo_regions: '- (Optional) Optional list of Cloudflare colocation regions for this static route.' + description: '- (Optional) Description of the static route.' + nexthop: '- (Required) The nexthop IP address where traffic will be routed to.' + prefix: '- (Required) Your network prefix using CIDR notation.' + priority: '- (Required) The priority for the static route.' + weight: '- (Optional) The optional weight for ECMP routes.' + importStatements: [] + cloudflare_teams_account: + subCategory: "" + description: Provides a Cloudflare Teams Account resource. + name: cloudflare_teams_account + title: cloudflare_teams_account + examples: + - name: main + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "antivirus": [ + { + "enabled_download_phase": true, + "enabled_upload_phase": false, + "fail_closed": true + } + ], + "block_page": [ + { + "background_color": "#000000", + "footer_text": "hello", + "header_text": "hello", + "logo_path": "https://google.com" + } + ], + "fips": [ + { + "tls": true + } + ], + "logging": [ + { + "redact_pii": true, + "settings_by_rule_type": [ + { + "dns": [ + { + "log_all": false, + "log_blocks": true + } + ], + "http": [ + { + "log_all": true, + "log_blocks": true + } + ], + "l4": [ + { + "log_all": false, + "log_blocks": true + } + ] + } + ] + } + ], + "proxy": [ + { + "tcp": true, + "udp": true + } + ], + "tls_decrypt_enabled": true, + "url_browser_isolation_enabled": true + } + argumentDocs: + account_id: '- (Required) The account to which the teams location should be added.' + antivirus: '- (Optional) Configuration block for antivirus traffic scanning.' + background_color: '- (Optional) Hex code of block page background color.' + block_page: '- (Optional) Configuration for a custom block page.' + enabled: '- (Optional) Indicator of enablement.' + enabled_download_phase: '- (Optional) Scan on file download.' + enabled_upload_phase: '- (Optional) Scan on file upload.' + fail_closed: '- (Optional) Block requests for files that cannot be scanned.' + fips: '- (Optional) Configure compliance with Federal Information Processing Standards.' + footer_text: '- (Optional) Block page header text.' + header_text: '- (Optional) Block page footer text.' + logo_path: '- (Optional) URL of block page logo.' + name: '- (Optional) Name of block page configuration.' + proxy: '- (Optional) Configuration block for specifying which protocols are proxied.' + redact_pii: |- + - (Required) Redact personally identifiable information from activity logging (PII fields are: source IP, + user email, user ID, device ID, URL, referrer, user agent). + settings_by_rule_type: |- + - (Required) Represents whether all requests are logged or only the blocked requests are + logged in DNS, HTTP and L4 filters. + tcp: '- (Required) Whether gateway proxy is enabled on gateway devices for tcp traffic.' + tls: '- (Optional) Only allow FIPS-compliant TLS configuration.' + tls_decrypt_enabled: '- (Optional) Indicator that decryption of TLS traffic is enabled.' + udp: '- (Required) Whether gateway proxy is enabled on gateway devices for udp traffic.' + url_browser_isolation_enabled: '- (Optional) Safely browse websites in Browser Isolation through a URL.' + importStatements: [] + cloudflare_teams_list: + subCategory: "" + description: Provides a Cloudflare Teams List resource. + name: cloudflare_teams_list + title: cloudflare_teams_list + examples: + - name: corporate_devices + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "description": "Serial numbers for all corporate devices.", + "items": [ + "8GE8721REF", + "5RE8543EGG", + "1YE2880LNP" + ], + "name": "Corporate devices", + "type": "SERIAL" + } + argumentDocs: + account_id: '- (Required) The account to which the teams list should be added.' + description: '- (Optional) The description of the teams list.' + id: '- ID of the teams list.' + items: '- (Required) The items of the teams list.' + name: '- (Required) Name of the teams list.' + type: '- (Required) The teams list type. Valid values are IP, SERIAL, URL, DOMAIN, and EMAIL.' + importStatements: [] + cloudflare_teams_location: + subCategory: "" + description: Provides a Cloudflare Teams Location resource. + name: cloudflare_teams_location + title: cloudflare_teams_location + examples: + - name: corporate_office + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "client_default": true, + "name": "office", + "networks": [ + { + "network": "203.0.113.1/32" + }, + { + "network": "203.0.113.2/32" + } + ] + } + argumentDocs: + account_id: '- (Required) The account to which the teams location should be added.' + anonymized_logs_enabled: '- Indicator that anonymized logs are enabled.' + client_default: '- (Optional) Indicator that this is the default location.' + doh_subdomain: '- The FQDN that DoH clients should be pointed at.' + id: '- ID of the teams location.' + ip: '- Client IP address' + ipv4_destination: '- IP to direct all IPv4 DNS queries too.' + name: '- (Required) Name of the teams location.' + networks: '- (Optional) The networks CIDRs that comprise the location.' + importStatements: [] + cloudflare_teams_proxy_endpoint: + subCategory: "" + description: Provides a Cloudflare Teams Proxy Endpoint resource. + name: cloudflare_teams_proxy_endpoint + title: cloudflare_teams_proxy_endpoint + examples: + - name: corporate_office + manifest: |- + { + "account_id": "1d5fdc9e88c8a8c4518b068cd94331fe", + "ips": [ + "192.0.2.0/24" + ], + "name": "office" + } + argumentDocs: + account_id: '- (Required) The account to which the teams proxy endpoint should be added.' + id: '- ID of the teams proxy endpoint.' + ips: '- (Required) The networks CIDRs that will be allowed to initiate proxy connections.' + name: '- (Required) Name of the teams proxy endpoint.' + subdomain: '- The FQDN that proxy clients should be pointed at.' + importStatements: [] + cloudflare_teams_rule: + subCategory: "" + description: Provides a Cloudflare Teams rule resource. + name: cloudflare_teams_rule + title: cloudflare_teams_rule + examples: + - name: rule1 + manifest: |- + { + "account_id": "d57c3de47a013c03ca7e237dd3e61d7d", + "action": "block", + "description": "desc", + "filters": [ + "http" + ], + "name": "office", + "precedence": 1, + "rule_settings": [ + { + "block_page_enabled": true, + "block_page_reason": "access not permitted" + } + ], + "traffic": "http.request.uri == \"https://www.example.com/malicious\"" + } + argumentDocs: + account_id: '- (Required) The account to which the teams rule should be added.' + action: '- (Required) The action executed by matched teams rule.' + add_headers: '- (Optional, Map) Add custom headers to allowed requests in the form of key-value pairs.' + biso_admin_controls: '- (Optional) Configure how browser isolation behaves (refer to the nested schema).' + block_page_enabled: '- (Optional) Indicator of block page enablement.' + block_page_reason: '- (Optional) The displayed reason for a user being blocked.' + check_session: '- (Optional) Configure how session check behaves (refer to the nested schema).' + description: '- (Required) The description of the teams rule.' + device_posture: '- (Optional) The wirefilter expression to be used for device_posture check matching.' + disable_copy_paste: '- (Boolean) Disable copy-paste.' + disable_download: '- (Boolean) Disable download.' + disable_keyboard: '- (Boolean) Disable keyboard usage.' + disable_printing: '- (Boolean) Disable printing.' + disable_upload: '- (Boolean) Disable upload.' + duration: '- (Optional) Configure how fresh the session needs to be to be considered valid.' + enabled: '- (Optional) Indicator of rule enablement.' + enforce: '- (Optional) Enable session enforcement for this rule.' + filters: '- (Optional) The protocol or layer to evaluate the traffic and identity expressions.' + identity: '- (Optional) The wirefilter expression to be used for identity matching.' + insecure_disable_dnssec_validation: '- (Optional) Disable DNSSEC validation (must be Allow rule)' + ip: '- (Required) Override IP to forward traffic to.' + l4override: '- (Optional) Settings to forward layer 4 traffic (refer to the nested schema).' + name: '- (Required) The name of the teams rule.' + override_host: '- (Optional) The host to override matching DNS queries with.' + override_ips: '- (Optional) The IPs to override matching DNS queries with.' + port: '- (Required) Override Port to forward traffic to.' + precedence: '- (Required) The evaluation precedence of the teams rule.' + rule_settings: '- (Optional) Additional rule settings (refer to the nested schema).' + traffic: '- (Optional) The wirefilter expression to be used for traffic matching.' + importStatements: [] + cloudflare_tiered_cache: + subCategory: "" + description: Provides a resource, that manages Cloudflare Tiered Cache settings. This allows you to adjust topologies for your zone. + name: cloudflare_tiered_cache + title: cloudflare_tiered_cache Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "cache_type": "smart", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + cache_type: '(String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off.' + id: (String) The ID of this resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_total_tls: + subCategory: "" + description: Provides a resource which manages Total TLS for a zone. + name: cloudflare_total_tls + title: cloudflare_total_tls Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "certificate_authority": "lets_encrypt", + "enabled": true, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + certificate_authority: '(String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt.' + enabled: (Boolean) Enable Total TLS for the zone. + id: (String) The ID of this resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_tunnel_config: + subCategory: "" + description: Provides a Cloudflare Tunnel configuration resource. + name: cloudflare_tunnel_config + title: cloudflare_tunnel_config Resource - Cloudflare + examples: + - name: example_config + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "config": [ + { + "ingress_rule": [ + { + "hostname": "foo", + "path": "/bar", + "service": "http://10.0.0.2:8080" + }, + { + "service": "https://10.0.0.3:8081" + } + ], + "origin_request": [ + { + "bastion_mode": false, + "ca_pool": "/path/to/unsigned/ca/pool", + "connect_timeout": "1m0s", + "disable_chunked_encoding": false, + "http_host_header": "baz", + "ip_rules": [ + { + "allow": false, + "ports": [ + 80, + 443 + ], + "prefix": "/web" + } + ], + "keep_alive_connections": 1024, + "keep_alive_timeout": "1m0s", + "no_happy_eyeballs": false, + "no_tls_verify": false, + "origin_server_name": "foobar", + "proxy_address": "10.0.0.1", + "proxy_port": "8123", + "proxy_type": "socks", + "tcp_keep_alive": "1m0s", + "tls_timeout": "1m0s" + } + ], + "warp_routing": [ + { + "enabled": true + } + ] + } + ], + "tunnel_id": "${cloudflare_argo_tunnel.example_tunnel.id}" + } + references: + tunnel_id: cloudflare_argo_tunnel.example_tunnel.id + dependencies: + cloudflare_argo_tunnel.example_tunnel: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "example_tunnel", + "secret": "\u003c32 character secret\u003e" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + allow: (Boolean) Whether to allow the IP prefix. + bastion_mode: (Boolean) Runs as jump host. + ca_pool: (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + config: '(Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema)' + connect_timeout: (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + disable_chunked_encoding: (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + enabled: (Boolean) Whether WARP routing is enabled. + hostname: (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + http_host_header: (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + id: (String) The ID of this resource. + ingress_rule: '(Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema)' + ip_rules: (Block Set) IP rules for the proxy service. (see below for nested schema) + keep_alive_connections: (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + keep_alive_timeout: (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + no_happy_eyeballs: (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + no_tls_verify: (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + origin_request: '(Block List, Max: 1) (see below for nested schema)' + origin_server_name: (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + path: (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + ports: (List of Number) Ports to use within the IP rule. + prefix: (String) IP rule prefix. + proxy_address: (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + proxy_port: (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + proxy_type: '(String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: ``, socks. Defaults to "".' + service: (String) Name of the service to which the request will be sent. + tcp_keep_alive: (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + tls_timeout: (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + tunnel_id: (String) Identifier of the Tunnel to target for this configuration. + warp_routing: '(Block List, Max: 1) If you''re exposing a private network, you need to add the warp-routing key and set it to true. (see below for nested schema)' + importStatements: [] + cloudflare_tunnel_route: + subCategory: "" + description: Provides a resource, that manages Cloudflare tunnel routes for Zero Trust. Tunnel routes are used to direct IP traffic through Cloudflare Tunnels. + name: cloudflare_tunnel_route + title: cloudflare_tunnel_route Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "comment": "New tunnel route for documentation", + "network": "192.0.2.24/32", + "tunnel_id": "f70ff985-a4ef-4643-bbbc-4a0ed4fc8415", + "virtual_network_id": "bdc39a3c-3104-4c23-8ac0-9f455dda691a" + } + dependencies: + cloudflare_argo_tunnel.tunnel: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "my_tunnel", + "secret": "AQIDBAUGBwgBAgMEBQYHCAECAwQFBgcIAQIDBAUGBwg=" + } + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "comment": "New tunnel route for documentation", + "network": "192.0.2.24/32", + "tunnel_id": "${cloudflare_argo_tunnel.tunnel.id}", + "virtual_network_id": "bdc39a3c-3104-4c23-8ac0-9f455dda691a" + } + references: + tunnel_id: cloudflare_argo_tunnel.tunnel.id + dependencies: + cloudflare_argo_tunnel.tunnel: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "name": "my_tunnel", + "secret": "AQIDBAUGBwgBAgMEBQYHCAECAwQFBgcIAQIDBAUGBwg=" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + comment: (String) Description of the tunnel route. + id: (String) The ID of this resource. + network: (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + tunnel_id: (String) The ID of the tunnel that will service the tunnel route. + virtual_network_id: (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_tunnel_route.example // + cloudflare_tunnel_virtual_network: + subCategory: "" + description: Provides a resource, that manages Cloudflare tunnel virtual networks for Zero Trust. Tunnel virtual networks are used for segregation of Tunnel IP Routes via Virtualized Networks to handle overlapping private IPs in your origins. + name: cloudflare_tunnel_virtual_network + title: cloudflare_tunnel_virtual_network Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "comment": "New tunnel virtual network for documentation", + "name": "vnet-for-documentation" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + comment: (String) Description of the tunnel virtual network. + id: (String) The ID of this resource. + is_default_network: (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + name: (String) A user-friendly name chosen when the virtual network is created. + importStatements: + - $ terraform import cloudflare_tunnel_virtual_network.example / + cloudflare_url_normalization_settings: + subCategory: "" + description: Provides a resource to manage URL Normalization Settings. + name: cloudflare_url_normalization_settings + title: cloudflare_url_normalization_settings Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "scope": "incoming", + "type": "cloudflare", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + id: (String) The ID of this resource. + scope: (String) The scope of the URL normalization. + type: (String) The type of URL normalization performed by Cloudflare. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_user_agent_blocking_rule: + subCategory: "" + description: Provides a resource to manage User Agent Blocking Rules. + name: cloudflare_user_agent_blocking_rule + title: cloudflare_user_agent_blocking_rule Resource - Cloudflare + examples: + - name: example_1 + manifest: |- + { + "configuration": [ + { + "target": "ua", + "value": "Chrome" + } + ], + "description": "My description 1", + "mode": "js_challenge", + "paused": false, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + - name: example_2 + manifest: |- + { + "configuration": [ + { + "target": "ua", + "value": "Mozilla" + } + ], + "description": "My description 22", + "mode": "challenge", + "paused": true, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + configuration: '(Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema)' + description: (String) An informative summary of the rule. + id: (String) The ID of this resource. + mode: '(String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge.' + paused: (Boolean) When true, indicates that the rule is currently paused. + target: (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + value: (String) The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: [] + cloudflare_waf_group: + subCategory: "" + description: Provides a Cloudflare WAF rule group resource for a particular zone. + name: cloudflare_waf_group + title: cloudflare_waf_group + examples: + - name: honey_pot + manifest: |- + { + "group_id": "de677e5818985db1285d0e80225f06e5", + "mode": "on", + "zone_id": "ae36f999674d196762efcc5abb06b345" + } + argumentDocs: + group_id: '- (Required) The WAF Rule Group ID.' + id: '- The WAF Rule Group ID, the same as group_id.' + mode: '- (Optional) The mode of the group, can be one of ["on", "off"].' + package_id: '- (Optional) The ID of the WAF Rule Package that contains the group.' + zone_id: '- (Required) The DNS zone ID to apply to.' + importStatements: [] + cloudflare_waf_override: + subCategory: "" + description: Provides a Cloudflare WAF Override resource. + name: cloudflare_waf_override + title: cloudflare_waf_override + examples: + - name: shop_ecxample + manifest: |- + { + "groups": { + "ea8687e59929c1fd05ba97574ad43f77": "default" + }, + "rewrite_action": { + "challenge": "block", + "default": "block" + }, + "rules": { + "100015": "disable" + }, + "urls": [ + "example.com/no-waf-here", + "example.com/another/path/*" + ], + "zone_id": "1d5fdc9e88c8a8c4518b068cd94331fe" + } + argumentDocs: + description: '- (Optional) Description of what the WAF override does.' + groups: '- (Optional) Similar to rules; which WAF groups you want to alter.' + paused: '- (Optional) Whether this package is currently paused.' + priority: '- (Optional) Relative priority of this configuration when multiple configurations match a single URL.' + rewrite_action: '- (Optional) When a WAF rule matches, substitute its configured action for a different action specified by this definition.' + rules: '- (Required) A list of WAF rule ID to rule action you intend to apply.' + urls: '- (Required) An array of URLs to apply the WAF override to.' + zone_id: '- (Required) The DNS zone to which the WAF override condition should be added.' + importStatements: [] + cloudflare_waf_package: + subCategory: "" + description: Provides a Cloudflare WAF rule package resource for a particular zone. + name: cloudflare_waf_package + title: cloudflare_waf_package + examples: + - name: owasp + manifest: |- + { + "action_mode": "simulate", + "package_id": "a25a9a7e9c00afc1fb2e0245519d725b", + "sensitivity": "medium", + "zone_id": "ae36f999674d196762efcc5abb06b345" + } + argumentDocs: + action_mode: '- (Optional) The action mode of the package, can be one of ["block", "challenge", "simulate"].' + id: '- The WAF Package ID, the same as package_id.' + package_id: '- (Required) The WAF Package ID.' + sensitivity: '- (Optional) The sensitivity of the package, can be one of ["high", "medium", "low", "off"].' + zone_id: '- (Required) The DNS zone ID to apply to.' + importStatements: [] + cloudflare_waf_rule: + subCategory: "" + description: Provides a Cloudflare WAF rule resource for a particular zone. + name: cloudflare_waf_rule + title: cloudflare_waf_rule + examples: + - name: rule_100000 + manifest: |- + { + "mode": "simulate", + "rule_id": "100000", + "zone_id": "ae36f999674d196762efcc5abb06b345" + } + argumentDocs: + group_id: '- The ID of the WAF Rule Group that contains the rule.' + id: '- The WAF Rule ID, the same as rule_id.' + mode: '- (Required) The mode of the rule, can be one of ["block", "challenge", "default", "disable", "simulate"] or ["on", "off"] depending on the WAF Rule type.' + package_id: '- (Optional) The ID of the WAF Rule Package that contains the rule.' + rule_id: '- (Required) The WAF Rule ID.' + zone_id: '- (Required) The DNS zone ID to apply to.' + importStatements: [] + cloudflare_waiting_room: + subCategory: "" + description: Provides a Cloudflare Waiting Room resource. + name: cloudflare_waiting_room + title: cloudflare_waiting_room Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "host": "foo.example.com", + "name": "foo", + "new_users_per_minute": 200, + "path": "/", + "total_active_users": 200, + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + create: (String) + custom_page_html: (String) This is a templated html file that will be rendered at the edge. + default_template_language: '(String) The language to use for the default waiting room page. Available values: de-DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US.' + description: (String) A description to add more details about the waiting room. + disable_session_renewal: (Boolean) Disables automatic renewal of session cookies. + host: (String) Host name for which the waiting room will be applied (no wildcards). + id: (String) The ID of this resource. + json_response_enabled: '(Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object.' + name: (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + new_users_per_minute: (Number) The number of new users that will be let into the route every minute. + path: (String) The path within the host to enable the waiting room on. Defaults to /. + queue_all: (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + queueing_method: '(String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo.' + session_duration: (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + suspended: (Boolean) Suspends the waiting room. + timeouts: (Block, Optional) (see below for nested schema) + total_active_users: (Number) The total number of active user sessions on the route at a point in time. + update: (String) + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - |- + # Use the Zone ID and Waiting Room ID to import. + $ terraform import cloudflare_waiting_room.default / + cloudflare_waiting_room_event: + subCategory: "" + description: Provides a Cloudflare Waiting Room Event resource. + name: cloudflare_waiting_room_event + title: cloudflare_waiting_room_event Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "event_end_time": "2006-01-02T20:04:05Z", + "event_start_time": "2006-01-02T15:04:05Z", + "name": "foo", + "waiting_room_id": "d41d8cd98f00b204e9800998ecf8427e", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + created_on: (String) Creation time. + custom_page_html: (String) This is a templated html file that will be rendered at the edge. + description: (String) A description to let users add more details about the event. + disable_session_renewal: (Boolean) Disables automatic renewal of session cookies. + event_end_time: (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + event_start_time: (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + id: (String) The ID of this resource. + modified_on: (String) Last modified time. + name: (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + new_users_per_minute: (Number) The number of new users that will be let into the route every minute. + prequeue_start_time: (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + queueing_method: '(String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject.' + session_duration: (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + shuffle_at_event_start: (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + suspended: (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + total_active_users: (Number) The total number of active user sessions on the route at a point in time. + waiting_room_id: (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - |- + # Use the Zone ID, Waiting Room ID, and Event ID to import. + $ terraform import cloudflare_waiting_room_event.default // + cloudflare_waiting_room_rules: + subCategory: "" + description: Provides a Cloudflare Waiting Room Rules resource. + name: cloudflare_waiting_room_rules + title: cloudflare_waiting_room_rules Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "rules": [ + { + "action": "bypass_waiting_room", + "description": "bypass ip list", + "expression": "src.ip in {192.0.2.0 192.0.2.1}", + "status": "enabled" + }, + { + "action": "bypass_waiting_room", + "description": "bypass query string", + "expression": "http.request.uri.query contains \"bypass=true\"", + "status": "enabled" + } + ], + "waiting_room_id": "d41d8cd98f00b204e9800998ecf8427e", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + argumentDocs: + action: '(String) Action to perform in the ruleset rule. Available values: bypass_waiting_room.' + description: (String) Brief summary of the waiting room rule and its intended use. + expression: (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + id: (String) The ID of this resource. + rules: (Block List) List of rules to apply to the ruleset. (see below for nested schema) + status: '(String) Whether the rule is enabled or disabled. Available values: enabled, disabled.' + version: (String) Version of the waiting room rule. + waiting_room_id: (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_waiting_room_event.default / + cloudflare_web3_hostname Resource - Cloudflare: + subCategory: "" + description: Manages Web3 hostnames for IPFS and Ethereum gateways. + name: cloudflare_web3_hostname Resource - Cloudflare + title: cloudflare_web3_hostname Resource - Cloudflare + argumentDocs: + created_on: (String) Creation time. + description: (String) An optional description of the hostname. + dnslink: (String) DNSLink value used if the target is ipfs. + id: (String) The ID of this resource. + modified_on: (String) Last modification time. + name: (String) The hostname that will point to the target gateway via CNAME. + status: (String) Status of the hostname's activation. + target: (String) Target gateway of the hostname. + zone_id: (String) The zone identifier to target for the resource. + importStatements: [] + cloudflare_worker_cron_trigger: + subCategory: "" + description: Worker Cron Triggers allow users to map a cron expression to a Worker script using a ScheduledEvent listener that enables Workers to be executed on a schedule. Worker Cron Triggers are ideal for running periodic jobs for maintenance or calling third-party APIs to collect up-to-date data. + name: cloudflare_worker_cron_trigger + title: cloudflare_worker_cron_trigger Resource - Cloudflare + examples: + - name: example_trigger + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "schedules": [ + "*/5 * * * *", + "10 7 * * mon-fri" + ], + "script_name": "${cloudflare_worker_script.example_script.name}" + } + references: + script_name: cloudflare_worker_script.example_script.name + dependencies: + cloudflare_worker_script.example_script: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "content": "${file(\"path/to/my.js\")}", + "name": "example-script" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + id: (String) The ID of this resource. + schedules: (Set of String) Cron expressions to execute the Worker script. + script_name: (String) Worker script to target for the schedules. + importStatements: + - $ terraform import cloudflare_worker_cron_trigger.example / + cloudflare_worker_route: + subCategory: "" + description: Provides a Cloudflare worker route resource. A route will also require a cloudflare_worker_script. + name: cloudflare_worker_route + title: cloudflare_worker_route Resource - Cloudflare + examples: + - name: my_route + manifest: |- + { + "pattern": "example.com/*", + "script_name": "${cloudflare_worker_script.my_script.name}", + "zone_id": "0da42c8d2132a9ddaf714f9e7c920711" + } + references: + script_name: cloudflare_worker_script.my_script.name + dependencies: + cloudflare_worker_script.my_script: '{}' + argumentDocs: + id: (String) The ID of this resource. + pattern: (String) The route pattern to associate the Worker with. + script_name: (String) Worker script name to invoke for requests that match the route pattern. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_worker_route.example / + cloudflare_worker_script: + subCategory: "" + description: Provides a Cloudflare worker script resource. In order for a script to be active, you'll also need to setup a cloudflare_worker_route. + name: cloudflare_worker_script + title: cloudflare_worker_script Resource - Cloudflare + examples: + - name: my_script + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "analytics_engine_binding": [ + { + "dataset": "dataset1", + "name": "MY_DATASET" + } + ], + "content": "${file(\"script.js\")}", + "kv_namespace_binding": [ + { + "name": "MY_EXAMPLE_KV_NAMESPACE", + "namespace_id": "${cloudflare_workers_kv_namespace.my_namespace.id}" + } + ], + "name": "script_1", + "plain_text_binding": [ + { + "name": "MY_EXAMPLE_PLAIN_TEXT", + "text": "foobar" + } + ], + "r2_bucket_binding": [ + { + "bucket_name": "MY_BUCKET_NAME", + "name": "MY_BUCKET" + } + ], + "secret_text_binding": [ + { + "name": "MY_EXAMPLE_SECRET_TEXT", + "text": "${var.secret_foo_value}" + } + ], + "service_binding": [ + { + "environment": "production", + "name": "MY_SERVICE_BINDING", + "service": "MY_SERVICE" + } + ], + "webassembly_binding": [ + { + "module": "${filebase64(\"example.wasm\")}", + "name": "MY_EXAMPLE_WASM" + } + ] + } + references: + kv_namespace_binding.namespace_id: cloudflare_workers_kv_namespace.my_namespace.id + secret_text_binding.text: var.secret_foo_value + dependencies: + cloudflare_workers_kv_namespace.my_namespace: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "title": "example" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + analytics_engine_binding: (Block Set) (see below for nested schema) + bucket_name: (String) The name of the Bucket to bind to. + content: (String) The script content. + dataset: (String) The name of the Analytics Engine dataset to write to. + environment: (String) The name of the Worker environment to bind to. + id: (String) The ID of this resource. + kv_namespace_binding: (Block Set) (see below for nested schema) + module: (Boolean) Whether to upload Worker as a module. + name: (String) The name for the script. Modifying this attribute will force creation of a new resource. + namespace_id: (String) ID of the KV namespace you want to use. + plain_text_binding: (Block Set) (see below for nested schema) + r2_bucket_binding: (Block Set) (see below for nested schema) + secret_text_binding: (Block Set) (see below for nested schema) + service: (String) The name of the Worker to bind to. + service_binding: (Block Set) (see below for nested schema) + text: (String) The plain text you want to store. + webassembly_binding: (Block Set) (see below for nested schema) + importStatements: + - $ terraform import cloudflare_worker_script.example / + cloudflare_workers_kv: + subCategory: "" + description: Provides a resource to manage a Cloudflare Workers KV Pair. + name: cloudflare_workers_kv + title: cloudflare_workers_kv Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "key": "test-key", + "namespace_id": "${cloudflare_workers_kv_namespace.example_ns.id}", + "value": "test value" + } + references: + namespace_id: cloudflare_workers_kv_namespace.example_ns.id + dependencies: + cloudflare_workers_kv_namespace.example_ns: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "title": "test-namespace" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + id: (String) The ID of this resource. + key: (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + namespace_id: (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + value: (String) Value of the KV pair. + importStatements: + - $ terraform import cloudflare_workers_kv.example // + cloudflare_workers_kv_namespace: + subCategory: "" + description: Provides the ability to manage Cloudflare Workers KV Namespace features. + name: cloudflare_workers_kv_namespace + title: cloudflare_workers_kv_namespace Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "title": "test-namespace" + } + argumentDocs: + account_id: (String) The account identifier to target for the resource. + id: (String) The ID of this resource. + title: (String) Title value of the Worker KV Namespace. + importStatements: + - $ terraform import cloudflare_workers_kv_namespace.example / + cloudflare_zone: + subCategory: "" + description: Provides a Cloudflare Zone resource. Zone is the basic resource for working with Cloudflare and is roughly equivalent to a domain name that the user purchases. + name: cloudflare_zone + title: cloudflare_zone Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "account_id": "f037e56e89293a057740de681ac9abbe", + "zone": "example.com" + } + argumentDocs: + account_id: (String) Account ID to manage the zone resource in. + id: (String) The ID of this resource. + jump_start: (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + meta: (Map of Boolean) + name_servers: (List of String) Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS. + paused: (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + plan: '(String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise.' + status: '(String) Status of the zone. Available values: active, pending, initializing, moved, deleted, deactivated.' + type: '(String) A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: full, partial. Defaults to full.' + vanity_name_servers: (List of String) List of Vanity Nameservers (if set). + verification_key: (String) Contains the TXT record value to validate domain ownership. This is only populated for zones of type partial. + zone: (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_zone.example + cloudflare_zone_cache_variants: + subCategory: "" + description: Provides a resource which customizes Cloudflare zone cache variants setting. + name: cloudflare_zone_cache_variants + title: cloudflare_zone_cache_variants + examples: + - name: example + manifest: |- + { + "avif": [ + "image/avif", + "image/webp" + ], + "bmp": [ + "image/bmp", + "image/webp" + ], + "gif": [ + "image/gif", + "image/webp" + ], + "jp2": [ + "image/jp2", + "image/webp" + ], + "jpeg": [ + "image/jpeg", + "image/webp" + ], + "jpg": [ + "image/jpg", + "image/webp" + ], + "jpg2": [ + "image/jpg2", + "image/webp" + ], + "png": [ + "image/png", + "image/webp" + ], + "tif": [ + "image/tif", + "image/webp" + ], + "tiff": [ + "image/tiff", + "image/webp" + ], + "webp": [ + "image/jpeg", + "image/webp" + ], + "zone_id": "7df50664b7f90274f4d77cdfee701380" + } + argumentDocs: + avif: '- (Optional) List of strings with the MIME types of all the variants that should be served for avif' + bmp: '- (Optional) List of strings with the MIME types of all the variants that should be served for bmp' + gif: '- (Optional) List of strings with the MIME types of all the variants that should be served for gif' + jp2: '- (Optional) List of strings with the MIME types of all the variants that should be served for jp2' + jpeg: '- (Optional) List of strings with the MIME types of all the variants that should be served for jpeg' + jpg: '- (Optional) List of strings with the MIME types of all the variants that should be served for jpg' + jpg2: '- (Optional) List of strings with the MIME types of all the variants that should be served for jpg2' + png: '- (Optional) List of strings with the MIME types of all the variants that should be served for png' + tif: '- (Optional) List of strings with the MIME types of all the variants that should be served for tif' + tiff: '- (Optional) List of strings with the MIME types of all the variants that should be served for tiff' + webp: '- (Optional) List of strings with the MIME types of all the variants that should be served for webp' + zone_id: '- (Required) The ID of the DNS zone in which to apply the cache variants setting' + importStatements: [] + cloudflare_zone_dnssec: + subCategory: "" + description: Provides a Cloudflare resource to create and modify zone DNSSEC settings. + name: cloudflare_zone_dnssec + title: cloudflare_zone_dnssec Resource - Cloudflare + examples: + - name: example + manifest: |- + { + "zone_id": "${cloudflare_zone.example.id}" + } + references: + zone_id: cloudflare_zone.example.id + dependencies: + cloudflare_zone.example: |- + { + "zone": "example.com" + } + argumentDocs: + algorithm: (String) Zone DNSSEC algorithm. + digest: (String) Zone DNSSEC digest. + digest_algorithm: (String) Digest algorithm use for Zone DNSSEC. + digest_type: (String) Digest Type for Zone DNSSEC. + ds: (String) DS for the Zone DNSSEC. + flags: (Number) Zone DNSSEC flags. + id: (String) The ID of this resource. + key_tag: (Number) Key Tag for the Zone DNSSEC. + key_type: (String) Key type used for Zone DNSSEC. + modified_on: (String) Zone DNSSEC updated time. + public_key: (String) Public Key for the Zone DNSSEC. + status: (String) The status of the Zone DNSSEC. + zone_id: (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + importStatements: + - $ terraform import cloudflare_zone_dnssec.example + cloudflare_zone_lockdown: + subCategory: "" + description: Provides a Cloudflare resource to lock down access to URLs by IP address or IP ranges. + name: cloudflare_zone_lockdown + title: cloudflare_zone_lockdown + examples: + - name: endpoint_lockdown + manifest: |- + { + "configurations": [ + { + "target": "ip_range", + "value": "198.51.100.0/16" + } + ], + "description": "Restrict access to these endpoints to requests from a known IP address range", + "paused": "false", + "urls": [ + "api.mysite.com/some/endpoint*" + ], + "zone_id": "d41d8cd98f00b204e9800998ecf8427e" + } + - name: endpoint_lockdown + manifest: |- + { + "configurations": [ + { + "target": "ip", + "value": "198.51.100.4" + }, + { + "target": "ip", + "value": "198.51.100.5" + } + ], + "description": "Restrict access to these endpoints to requests from two known IP addresses", + "paused": "false", + "urls": [ + "api.mysite.com/some/endpoint*" + ], + "zone_id": "d41d8cd98f00b204e9800998ecf8427e" + } + argumentDocs: + 37cb64fe4a90adb5ca3afc04f2c82a2f: '- zone lockdown ID as returned by API' + configurations: '- (Required) A list of IP addresses or IP ranges to match the request against specified in target, value pairs. It''s a complex value. See description below. The order of the configuration entries is unimportant.' + d41d8cd98f00b204e9800998ecf8427e: '- zone ID' + description: '- (Optional) A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.' + id: '- The access rule ID.' + paused: '- (Optional) Boolean of whether this zone lockdown is currently paused. Default: false.' + target: '- (Required) The request property to target. Allowed values: "ip", "ip_range"' + urls: '- (Required) A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.' + value: '- (Required) The value to target. Depends on target''s type. IP addresses should just be standard IPv4/IPv6 notation i.e. 198.51.100.4 or 2001:db8::/32 and IP ranges in CIDR format i.e. 198.51.0.0/16.' + zone_id: '- (Required) The DNS zone ID to which the access rule should be added.' + importStatements: [] + cloudflare_zone_settings_override: + subCategory: "" + description: Provides a resource which customizes Cloudflare zone settings. + name: cloudflare_zone_settings_override + title: cloudflare_zone_settings_override + examples: + - name: test + manifest: |- + { + "settings": [ + { + "automatic_https_rewrites": "on", + "brotli": "on", + "challenge_ttl": 2700, + "minify": [ + { + "css": "on", + "html": "off", + "js": "off" + } + ], + "mirage": "on", + "opportunistic_encryption": "on", + "security_header": [ + { + "enabled": true + } + ], + "security_level": "high", + "waf": "on" + } + ], + "zone_id": "${var.cloudflare_zone_id}" + } + references: + zone_id: var.cloudflare_zone_id + argumentDocs: + always_online: '(default: on)' + always_use_https: '(default: off)' + automatic_https_rewrites: (default value depends on the zone's plan level) + binary_ast: '(default: off)' + brotli: '(default: off)' + browser_cache_ttl: '(default: 14400)' + browser_check: '(default: on)' + cache_level: '- Allowed values: "aggressive" (default) - delivers a different resource each time the query string changes, "basic" - delivers resources from cache when there is no query string, "simplified" - delivers the same resource to everyone independent of the query string.' + challenge_ttl: '(default: 1800)' + ciphers: '- An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.' + cname_flattening: '- Allowed values: "flatten_at_root" (default), "flatten_all", "flatten_none".' + css: (Required) "on"/"off" + development_mode: '(default: off)' + early_hints: '(default: off)' + email_obfuscation: '(default: on)' + enabled: (Optional) true/false + filter_logs_to_cloudflare: '(default: off)' + h2_prioritization: '- Allowed values: "on", "off" (default), "custom".' + hotlink_protection: '(default: off)' + html: (Required) "on"/"off" + http2: '(default: off)' + http3: '(default: off)' + id: '- The zone ID.' + image_resizing: '- Allowed values: "on", "off" (default), "open".' + include_subdomains: (Optional) true/false + initial_settings: '- Settings present in the zone at the time the resource is created. This will be used to restore the original settings when this resource is destroyed. Shares the same schema as the settings attribute (Above).' + initial_settings_read_at: '- Time when this resource was created and the initial_settings were set.' + ip_geolocation: '(default: on)' + ipv6: '(default: off)' + js: (Required)"on"/"off" + log_to_cloudflare: '(default: off)' + max_age: (Optional) Integer + max_upload: '(default: 100)' + min_tls_version: '- Allowed values: "1.0" (default), "1.1", "1.2", "1.3".' + mirage: '(default: off)' + mobile_subdomain: (Required) String value + nosniff: (Optional) true/false + opportunistic_encryption: (default value depends on the zone's plan level) + opportunistic_onion: '(default: off)' + orange_to_orange: '(default: off)' + origin_error_page_pass_thru: '(default: off)' + origin_max_http_version: '- Allowed values: "1" (default on Enterprise), "2" (default)' + polish: '- Allowed values: "off" (default), "lossless", "lossy".' + prefetch_preload: '(default: off)' + preload: (Optional) true/false + privacy_pass: '(default: on)' + proxy_read_timeout: '(default: "100")' + pseudo_ipv4: '- Allowed values: "off" (default), "add_header", "overwrite_header".' + readonly_settings: '- Which of the current settings are not able to be set by the user. Which settings these are is determined by plan level and user permissions.' + response_buffering: '(default: off)' + rocket_loader: '(default: off)' + security_level: '- Allowed values: "off" (Enterprise only), "essentially_off", "low", "medium" (default), "high", "under_attack".' + server_side_exclude: '(default: on)' + settings: '- (Optional) Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below.' + sort_query_string_for_cache: '(default: off)' + ssl: '- Allowed values: "off" (default), "flexible", "full", "strict", "origin_pull".' + status: (Required) "on"/"off" + strip_uri: (Required) true/false + tls_1_3: '- Allowed values: "off" (default), "on", "zrt".' + tls_client_auth: '(default: on)' + true_client_ip_header: '(default: off)' + universal_ssl: '(default: on)' + visitor_ip: '(default: off)' + waf: '(default: off)' + webp: '(default: off). Note that the value specified will be ignored unless polish is turned on (i.e. is "lossless" or "lossy")' + websockets: '(default: off)' + zero_rtt: '(default: off)' + zone_id: '- (Required) The DNS zone ID to which apply settings.' + zone_status: . A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. + zone_type: '. Status of the zone. Valid values: active, pending, initializing, moved, deleted, deactivated.' + importStatements: [] diff --git a/config/provider.go b/config/provider.go index 21d1c97..6f45585 100644 --- a/config/provider.go +++ b/config/provider.go @@ -8,7 +8,7 @@ import ( // Note(turkenh): we are importing this to embed provider schema document _ "embed" - ujconfig "github.com/upbound/upjet/pkg/config" + ujconfig "github.com/crossplane/upjet/pkg/config" "github.com/cdloh/provider-cloudflare/config/access" "github.com/cdloh/provider-cloudflare/config/account" diff --git a/config/ruleset/config.go b/config/ruleset/config.go index 5b4c582..08197be 100644 --- a/config/ruleset/config.go +++ b/config/ruleset/config.go @@ -1,6 +1,6 @@ package ruleset -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for ruleset group. func Configure(p *config.Provider) { diff --git a/config/spectrum/config.go b/config/spectrum/config.go index 4df2cf7..359b50f 100644 --- a/config/spectrum/config.go +++ b/config/spectrum/config.go @@ -1,6 +1,6 @@ package spectrum -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for spectrum group. func Configure(p *config.Provider) { diff --git a/config/teams/config.go b/config/teams/config.go index 022c6e8..082d4a3 100644 --- a/config/teams/config.go +++ b/config/teams/config.go @@ -1,6 +1,6 @@ package teams -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for teams group. func Configure(p *config.Provider) { diff --git a/config/waf/config.go b/config/waf/config.go index 09f1f39..cf86a4e 100644 --- a/config/waf/config.go +++ b/config/waf/config.go @@ -1,6 +1,6 @@ package waf -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for waf group. func Configure(p *config.Provider) { diff --git a/config/waitingroom/config.go b/config/waitingroom/config.go index 5505a0a..6aab0d0 100644 --- a/config/waitingroom/config.go +++ b/config/waitingroom/config.go @@ -1,6 +1,6 @@ package waitingroom -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "waitingroom" diff --git a/config/warp/config.go b/config/warp/config.go index 1406033..fe37729 100644 --- a/config/warp/config.go +++ b/config/warp/config.go @@ -1,6 +1,6 @@ package warp -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "WARP" diff --git a/config/web3/config.go b/config/web3/config.go index 8f42919..6906605 100644 --- a/config/web3/config.go +++ b/config/web3/config.go @@ -1,6 +1,6 @@ package web3 -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" // Configure adds configurations for web3 group. func Configure(p *config.Provider) { diff --git a/config/worker/config.go b/config/worker/config.go index d9e9545..88785d2 100644 --- a/config/worker/config.go +++ b/config/worker/config.go @@ -1,6 +1,6 @@ package worker -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "worker" diff --git a/config/zone/config.go b/config/zone/config.go index 0467aca..696ccf4 100644 --- a/config/zone/config.go +++ b/config/zone/config.go @@ -1,6 +1,6 @@ package zone -import "github.com/upbound/upjet/pkg/config" +import "github.com/crossplane/upjet/pkg/config" const ( shortGroupName = "Zone" diff --git a/examples-generated/access/v1alpha1/application.yaml b/examples-generated/access/v1alpha1/application.yaml new file mode 100644 index 0000000..dc22a0d --- /dev/null +++ b/examples-generated/access/v1alpha1/application.yaml @@ -0,0 +1,18 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Application +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/application + labels: + testing.upbound.io/example-name: staging_app + name: staging-app +spec: + forProvider: + autoRedirectToIdentity: false + domain: staging.example.com + name: staging application + sessionDuration: 24h + type: self_hosted + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/access/v1alpha1/bookmark.yaml b/examples-generated/access/v1alpha1/bookmark.yaml new file mode 100644 index 0000000..435926f --- /dev/null +++ b/examples-generated/access/v1alpha1/bookmark.yaml @@ -0,0 +1,17 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Bookmark +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/bookmark + labels: + testing.upbound.io/example-name: my_bookmark_app + name: my-bookmark-app +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + appLauncherVisible: true + domain: example.com + logoUrl: https://example.com/example.png + name: My Bookmark App diff --git a/examples-generated/access/v1alpha1/cacertificate.yaml b/examples-generated/access/v1alpha1/cacertificate.yaml new file mode 100644 index 0000000..f156ee8 --- /dev/null +++ b/examples-generated/access/v1alpha1/cacertificate.yaml @@ -0,0 +1,16 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: CACertificate +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/cacertificate + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + applicationIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/access/v1alpha1/group.yaml b/examples-generated/access/v1alpha1/group.yaml new file mode 100644 index 0000000..f4b214f --- /dev/null +++ b/examples-generated/access/v1alpha1/group.yaml @@ -0,0 +1,17 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Group +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/group + labels: + testing.upbound.io/example-name: test_group + name: test-group +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + include: + - email: + - test@example.com + name: staging group diff --git a/examples-generated/access/v1alpha1/identityprovider.yaml b/examples-generated/access/v1alpha1/identityprovider.yaml new file mode 100644 index 0000000..720117b --- /dev/null +++ b/examples-generated/access/v1alpha1/identityprovider.yaml @@ -0,0 +1,15 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: IdentityProvider +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/identityprovider + labels: + testing.upbound.io/example-name: pin_login + name: pin-login +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: PIN login + type: onetimepin diff --git a/examples-generated/access/v1alpha1/mutualtlscertificate.yaml b/examples-generated/access/v1alpha1/mutualtlscertificate.yaml new file mode 100644 index 0000000..ed22d16 --- /dev/null +++ b/examples-generated/access/v1alpha1/mutualtlscertificate.yaml @@ -0,0 +1,17 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: MutualTLSCertificate +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/mutualtlscertificate + labels: + testing.upbound.io/example-name: my_cert + name: my-cert +spec: + forProvider: + associatedHostnames: + - staging.example.com + certificate: ${var.ca_pem} + name: My Root Cert + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/access/v1alpha1/organization.yaml b/examples-generated/access/v1alpha1/organization.yaml new file mode 100644 index 0000000..7d6f6e2 --- /dev/null +++ b/examples-generated/access/v1alpha1/organization.yaml @@ -0,0 +1,22 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Organization +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/organization + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + authDomain: example.cloudflareaccess.com + isUiReadOnly: false + loginDesign: + - backgroundColor: '#ffffff' + footerText: My footer text + headerText: My header text + logoPath: https://example.com/logo.png + textColor: '#000000' + name: example.cloudflareaccess.com diff --git a/examples-generated/access/v1alpha1/policy.yaml b/examples-generated/access/v1alpha1/policy.yaml new file mode 100644 index 0000000..839975c --- /dev/null +++ b/examples-generated/access/v1alpha1/policy.yaml @@ -0,0 +1,25 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Policy +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/policy + labels: + testing.upbound.io/example-name: test_policy + name: test-policy +spec: + forProvider: + applicationIdSelector: + matchLabels: + testing.upbound.io/example-name: example + decision: allow + include: + - email: + - test@example.com + name: staging policy + precedence: "1" + require: + - email: + - test@example.com + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/access/v1alpha1/rule.yaml b/examples-generated/access/v1alpha1/rule.yaml new file mode 100644 index 0000000..8aaae42 --- /dev/null +++ b/examples-generated/access/v1alpha1/rule.yaml @@ -0,0 +1,18 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/rule + labels: + testing.upbound.io/example-name: tor_exit_nodes + name: tor-exit-nodes +spec: + forProvider: + configuration: + - target: country + value: T1 + mode: challenge + notes: Requests coming from known Tor exit nodes + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/access/v1alpha1/servicetoken.yaml b/examples-generated/access/v1alpha1/servicetoken.yaml new file mode 100644 index 0000000..5d3eb5d --- /dev/null +++ b/examples-generated/access/v1alpha1/servicetoken.yaml @@ -0,0 +1,14 @@ +apiVersion: access.cloudflare.upbound.io/v1alpha1 +kind: ServiceToken +metadata: + annotations: + meta.upbound.io/example-id: access/v1alpha1/servicetoken + labels: + testing.upbound.io/example-name: my_app + name: my-app +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: CI/CD app diff --git a/examples-generated/account/v1alpha1/account.yaml b/examples-generated/account/v1alpha1/account.yaml new file mode 100644 index 0000000..91e6aaa --- /dev/null +++ b/examples-generated/account/v1alpha1/account.yaml @@ -0,0 +1,13 @@ +apiVersion: account.cloudflare.upbound.io/v1alpha1 +kind: Account +metadata: + annotations: + meta.upbound.io/example-id: account/v1alpha1/account + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + enforceTwofactor: true + name: some-enterprise-account + type: enterprise diff --git a/examples-generated/account/v1alpha1/apitoken.yaml b/examples-generated/account/v1alpha1/apitoken.yaml new file mode 100644 index 0000000..d71f2bf --- /dev/null +++ b/examples-generated/account/v1alpha1/apitoken.yaml @@ -0,0 +1,25 @@ +apiVersion: account.cloudflare.upbound.io/v1alpha1 +kind: APIToken +metadata: + annotations: + meta.upbound.io/example-id: account/v1alpha1/apitoken + labels: + testing.upbound.io/example-name: api_token_create + name: api-token-create +spec: + forProvider: + condition: + - requestIp: + - in: + - 192.0.2.1/32 + notIn: + - 198.51.100.1/32 + name: api_token_create + policy: + - expires_on: "2020-01-01T00:00:00Z" + not_before: "2018-07-01T05:20:00Z" + permissionGroups: + - ${data.cloudflare_api_token_permission_groups.all.permissions["API Tokens + Write"]} + resources: + com.cloudflare.api.user.${var.user_id}: '*' diff --git a/examples-generated/account/v1alpha1/member.yaml b/examples-generated/account/v1alpha1/member.yaml new file mode 100644 index 0000000..21bb17a --- /dev/null +++ b/examples-generated/account/v1alpha1/member.yaml @@ -0,0 +1,14 @@ +apiVersion: account.cloudflare.upbound.io/v1alpha1 +kind: Member +metadata: + annotations: + meta.upbound.io/example-id: account/v1alpha1/member + labels: + testing.upbound.io/example-name: example_user + name: example-user +spec: + forProvider: + emailAddress: user@example.com + roleIds: + - 68b329da9893e34099c7d8ad5cb9c940 + - d784fa8b6d98d27699781bd9a7cf19f0 diff --git a/examples-generated/apishield/v1alpha1/apishield.yaml b/examples-generated/apishield/v1alpha1/apishield.yaml new file mode 100644 index 0000000..be754c4 --- /dev/null +++ b/examples-generated/apishield/v1alpha1/apishield.yaml @@ -0,0 +1,16 @@ +apiVersion: apishield.cloudflare.upbound.io/v1alpha1 +kind: APIShield +metadata: + annotations: + meta.upbound.io/example-id: apishield/v1alpha1/apishield + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + authIdCharacteristics: + - name: my-example-header + type: header + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/argo/v1alpha1/argo.yaml b/examples-generated/argo/v1alpha1/argo.yaml new file mode 100644 index 0000000..87f5aaf --- /dev/null +++ b/examples-generated/argo/v1alpha1/argo.yaml @@ -0,0 +1,15 @@ +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: Argo +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/argo + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + smartRouting: "on" + tieredCaching: "on" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/argo/v1alpha1/tunnel.yaml b/examples-generated/argo/v1alpha1/tunnel.yaml new file mode 100644 index 0000000..fa89798 --- /dev/null +++ b/examples-generated/argo/v1alpha1/tunnel.yaml @@ -0,0 +1,18 @@ +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: Tunnel +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnel + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: my-tunnel + secretSecretRef: + key: example-key + name: example-secret + namespace: upbound-system diff --git a/examples-generated/argo/v1alpha1/tunnelconfig.yaml b/examples-generated/argo/v1alpha1/tunnelconfig.yaml new file mode 100644 index 0000000..a57d631 --- /dev/null +++ b/examples-generated/argo/v1alpha1/tunnelconfig.yaml @@ -0,0 +1,67 @@ +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: TunnelConfig +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnelconfig + labels: + testing.upbound.io/example-name: example_config + name: example-config +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + config: + - ingressRule: + - hostname: foo + path: /bar + service: http://10.0.0.2:8080 + - service: https://10.0.0.3:8081 + originRequest: + - bastionMode: false + caPool: /path/to/unsigned/ca/pool + connectTimeout: 1m0s + disableChunkedEncoding: false + httpHostHeader: baz + ipRules: + - allow: false + ports: + - 80 + - 443 + prefix: /web + keepAliveConnections: 1024 + keepAliveTimeout: 1m0s + noHappyEyeballs: false + noTlsVerify: false + originServerName: foobar + proxyAddress: 10.0.0.1 + proxyPort: "8123" + proxyType: socks + tcpKeepAlive: 1m0s + tlsTimeout: 1m0s + warpRouting: + - enabled: true + tunnelIdSelector: + matchLabels: + testing.upbound.io/example-name: example_tunnel + +--- + +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: Tunnel +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnelconfig + labels: + testing.upbound.io/example-name: example_tunnel + name: example-tunnel +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: example_tunnel + secretSecretRef: + key: example-key + name: example-secret + namespace: upbound-system diff --git a/examples-generated/argo/v1alpha1/tunnelroute.yaml b/examples-generated/argo/v1alpha1/tunnelroute.yaml new file mode 100644 index 0000000..cecb513 --- /dev/null +++ b/examples-generated/argo/v1alpha1/tunnelroute.yaml @@ -0,0 +1,42 @@ +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: TunnelRoute +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnelroute + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + comment: New tunnel route for documentation + network: 192.0.2.24/32 + tunnelIdSelector: + matchLabels: + testing.upbound.io/example-name: example + virtualNetworkIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: Tunnel +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnelroute + labels: + testing.upbound.io/example-name: tunnel + name: tunnel +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: my_tunnel + secretSecretRef: + key: example-key + name: example-secret + namespace: upbound-system diff --git a/examples-generated/argo/v1alpha1/tunnelvirtualnetwork.yaml b/examples-generated/argo/v1alpha1/tunnelvirtualnetwork.yaml new file mode 100644 index 0000000..b36956e --- /dev/null +++ b/examples-generated/argo/v1alpha1/tunnelvirtualnetwork.yaml @@ -0,0 +1,15 @@ +apiVersion: argo.cloudflare.upbound.io/v1alpha1 +kind: TunnelVirtualNetwork +metadata: + annotations: + meta.upbound.io/example-id: argo/v1alpha1/tunnelvirtualnetwork + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + comment: New tunnel virtual network for documentation + name: vnet-for-documentation diff --git a/examples-generated/authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls.yaml b/examples-generated/authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls.yaml new file mode 100644 index 0000000..74e5e14 --- /dev/null +++ b/examples-generated/authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls.yaml @@ -0,0 +1,58 @@ +apiVersion: authenticatedoriginpulls.cloudflare.upbound.io/v1alpha1 +kind: AuthenticatedOriginsPulls +metadata: + annotations: + meta.upbound.io/example-id: authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls + labels: + testing.upbound.io/example-name: my_aop + name: my-aop +spec: + forProvider: + enabled: true + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: authenticatedoriginpulls.cloudflare.upbound.io/v1alpha1 +kind: Certificate +metadata: + annotations: + meta.upbound.io/example-id: authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls + labels: + testing.upbound.io/example-name: my_per_hostname_aop_cert + name: my-per-hostname-aop-cert +spec: + forProvider: + certificate: '-----INSERT CERTIFICATE-----' + privateKeySecretRef: + key: example-key + name: example-secret + namespace: upbound-system + type: per-hostname + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: authenticatedoriginpulls.cloudflare.upbound.io/v1alpha1 +kind: Certificate +metadata: + annotations: + meta.upbound.io/example-id: authenticatedoriginpulls/v1alpha1/authenticatedoriginspulls + labels: + testing.upbound.io/example-name: my_per_zone_aop_cert + name: my-per-zone-aop-cert +spec: + forProvider: + certificate: '-----INSERT CERTIFICATE-----' + privateKeySecretRef: + key: example-key + name: example-secret + namespace: upbound-system + type: per-zone + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/authenticatedoriginpulls/v1alpha1/certificate.yaml b/examples-generated/authenticatedoriginpulls/v1alpha1/certificate.yaml new file mode 100644 index 0000000..8020348 --- /dev/null +++ b/examples-generated/authenticatedoriginpulls/v1alpha1/certificate.yaml @@ -0,0 +1,19 @@ +apiVersion: authenticatedoriginpulls.cloudflare.upbound.io/v1alpha1 +kind: Certificate +metadata: + annotations: + meta.upbound.io/example-id: authenticatedoriginpulls/v1alpha1/certificate + labels: + testing.upbound.io/example-name: my_per_zone_aop_cert + name: my-per-zone-aop-cert +spec: + forProvider: + certificate: '-----INSERT CERTIFICATE-----' + privateKeySecretRef: + key: example-key + name: example-secret + namespace: upbound-system + type: per-zone + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/byoip/v1alpha1/ipprefix.yaml b/examples-generated/byoip/v1alpha1/ipprefix.yaml new file mode 100644 index 0000000..9a6f2c0 --- /dev/null +++ b/examples-generated/byoip/v1alpha1/ipprefix.yaml @@ -0,0 +1,16 @@ +apiVersion: byoip.cloudflare.upbound.io/v1alpha1 +kind: IPPrefix +metadata: + annotations: + meta.upbound.io/example-id: byoip/v1alpha1/ipprefix + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + advertisement: "on" + description: Example IP Prefix + prefixId: d41d8cd98f00b204e9800998ecf8427e diff --git a/examples-generated/certificate/v1alpha1/pack.yaml b/examples-generated/certificate/v1alpha1/pack.yaml new file mode 100644 index 0000000..fa03a71 --- /dev/null +++ b/examples-generated/certificate/v1alpha1/pack.yaml @@ -0,0 +1,21 @@ +apiVersion: certificate.cloudflare.upbound.io/v1alpha1 +kind: Pack +metadata: + annotations: + meta.upbound.io/example-id: certificate/v1alpha1/pack + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + certificateAuthority: digicert + cloudflareBranding: false + hosts: + - example.com + - sub.example.com + type: advanced + validationMethod: txt + validityDays: 30 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/custom/v1alpha1/pages.yaml b/examples-generated/custom/v1alpha1/pages.yaml new file mode 100644 index 0000000..458a104 --- /dev/null +++ b/examples-generated/custom/v1alpha1/pages.yaml @@ -0,0 +1,16 @@ +apiVersion: custom.cloudflare.upbound.io/v1alpha1 +kind: Pages +metadata: + annotations: + meta.upbound.io/example-id: custom/v1alpha1/pages + labels: + testing.upbound.io/example-name: basic_challenge + name: basic-challenge +spec: + forProvider: + state: customized + type: basic_challenge + url: https://example.com/challenge.html + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/custom/v1alpha1/ssl.yaml b/examples-generated/custom/v1alpha1/ssl.yaml new file mode 100644 index 0000000..5e724fe --- /dev/null +++ b/examples-generated/custom/v1alpha1/ssl.yaml @@ -0,0 +1,15 @@ +apiVersion: custom.cloudflare.upbound.io/v1alpha1 +kind: SSL +metadata: + annotations: + meta.upbound.io/example-id: custom/v1alpha1/ssl + labels: + testing.upbound.io/example-name: foossl + name: foossl +spec: + forProvider: + customSslOptions: + - {} + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/customhostname/v1alpha1/fallbackorigin.yaml b/examples-generated/customhostname/v1alpha1/fallbackorigin.yaml new file mode 100644 index 0000000..598ca6c --- /dev/null +++ b/examples-generated/customhostname/v1alpha1/fallbackorigin.yaml @@ -0,0 +1,14 @@ +apiVersion: customhostname.cloudflare.upbound.io/v1alpha1 +kind: FallbackOrigin +metadata: + annotations: + meta.upbound.io/example-id: customhostname/v1alpha1/fallbackorigin + labels: + testing.upbound.io/example-name: fallback_origin + name: fallback-origin +spec: + forProvider: + origin: fallback.example.com + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/customhostname/v1alpha1/hostname.yaml b/examples-generated/customhostname/v1alpha1/hostname.yaml new file mode 100644 index 0000000..984ef5c --- /dev/null +++ b/examples-generated/customhostname/v1alpha1/hostname.yaml @@ -0,0 +1,16 @@ +apiVersion: customhostname.cloudflare.upbound.io/v1alpha1 +kind: Hostname +metadata: + annotations: + meta.upbound.io/example-id: customhostname/v1alpha1/hostname + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + hostname: hostname.example.com + ssl: + - method: txt + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/dlp/v1alpha1/profile.yaml b/examples-generated/dlp/v1alpha1/profile.yaml new file mode 100644 index 0000000..a1a4c2f --- /dev/null +++ b/examples-generated/dlp/v1alpha1/profile.yaml @@ -0,0 +1,20 @@ +apiVersion: dlp.cloudflare.upbound.io/v1alpha1 +kind: Profile +metadata: + annotations: + meta.upbound.io/example-id: dlp/v1alpha1/profile + labels: + testing.upbound.io/example-name: example_predefined + name: example-predefined +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + entry: + - enabled: true + name: Mastercard Card Number + - enabled: false + name: Union Pay Card Number + name: Example Predefined Profile + type: predefined diff --git a/examples-generated/dns/v1alpha1/record.yaml b/examples-generated/dns/v1alpha1/record.yaml new file mode 100644 index 0000000..6925d4a --- /dev/null +++ b/examples-generated/dns/v1alpha1/record.yaml @@ -0,0 +1,17 @@ +apiVersion: dns.cloudflare.upbound.io/v1alpha1 +kind: Record +metadata: + annotations: + meta.upbound.io/example-id: dns/v1alpha1/record + labels: + testing.upbound.io/example-name: foobar + name: foobar +spec: + forProvider: + name: terraform + ttl: 3600 + type: A + value: 192.168.0.11 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/emailrouting/v1alpha1/address.yaml b/examples-generated/emailrouting/v1alpha1/address.yaml new file mode 100644 index 0000000..7704ecc --- /dev/null +++ b/examples-generated/emailrouting/v1alpha1/address.yaml @@ -0,0 +1,14 @@ +apiVersion: emailrouting.cloudflare.upbound.io/v1alpha1 +kind: Address +metadata: + annotations: + meta.upbound.io/example-id: emailrouting/v1alpha1/address + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + email: user@example.com diff --git a/examples-generated/emailrouting/v1alpha1/catchall.yaml b/examples-generated/emailrouting/v1alpha1/catchall.yaml new file mode 100644 index 0000000..b2241cd --- /dev/null +++ b/examples-generated/emailrouting/v1alpha1/catchall.yaml @@ -0,0 +1,21 @@ +apiVersion: emailrouting.cloudflare.upbound.io/v1alpha1 +kind: CatchAll +metadata: + annotations: + meta.upbound.io/example-id: emailrouting/v1alpha1/catchall + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + action: + - type: forward + value: + - destinationaddress@example.net + enabled: true + matcher: + - type: all + name: example catch all + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/emailrouting/v1alpha1/rule.yaml b/examples-generated/emailrouting/v1alpha1/rule.yaml new file mode 100644 index 0000000..ef63995 --- /dev/null +++ b/examples-generated/emailrouting/v1alpha1/rule.yaml @@ -0,0 +1,23 @@ +apiVersion: emailrouting.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: emailrouting/v1alpha1/rule + labels: + testing.upbound.io/example-name: main + name: main +spec: + forProvider: + action: + - type: forward + value: + - destinationaddress@example.net + enabled: true + matcher: + - field: to + type: literal + value: test@example.com + name: terraform rule + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/emailrouting/v1alpha1/settings.yaml b/examples-generated/emailrouting/v1alpha1/settings.yaml new file mode 100644 index 0000000..de78e57 --- /dev/null +++ b/examples-generated/emailrouting/v1alpha1/settings.yaml @@ -0,0 +1,14 @@ +apiVersion: emailrouting.cloudflare.upbound.io/v1alpha1 +kind: Settings +metadata: + annotations: + meta.upbound.io/example-id: emailrouting/v1alpha1/settings + labels: + testing.upbound.io/example-name: my_zone + name: my-zone +spec: + forProvider: + enabled: "true" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/filters/v1alpha1/filter.yaml b/examples-generated/filters/v1alpha1/filter.yaml new file mode 100644 index 0000000..f865e0b --- /dev/null +++ b/examples-generated/filters/v1alpha1/filter.yaml @@ -0,0 +1,16 @@ +apiVersion: filters.cloudflare.upbound.io/v1alpha1 +kind: Filter +metadata: + annotations: + meta.upbound.io/example-id: filters/v1alpha1/filter + labels: + testing.upbound.io/example-name: wordpress + name: wordpress +spec: + forProvider: + description: Wordpress break-in attempts that are outside of the office + expression: (http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path + ~ ".*xmlrpc.php") and ip.src ne 192.0.2.1 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/firewall/v1alpha1/rule.yaml b/examples-generated/firewall/v1alpha1/rule.yaml new file mode 100644 index 0000000..5197d9b --- /dev/null +++ b/examples-generated/firewall/v1alpha1/rule.yaml @@ -0,0 +1,37 @@ +apiVersion: firewall.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: firewall/v1alpha1/rule + labels: + testing.upbound.io/example-name: wordpress + name: wordpress +spec: + forProvider: + action: block + description: Block wordpress break-in attempts + filterIdSelector: + matchLabels: + testing.upbound.io/example-name: wordpress + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: filters.cloudflare.upbound.io/v1alpha1 +kind: Filter +metadata: + annotations: + meta.upbound.io/example-id: firewall/v1alpha1/rule + labels: + testing.upbound.io/example-name: wordpress + name: wordpress +spec: + forProvider: + description: Wordpress break-in attempts that are outside of the office + expression: (http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path + ~ ".*xmlrpc.php") and ip.src ne 192.0.2.1 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/lists/v1alpha1/iplist.yaml b/examples-generated/lists/v1alpha1/iplist.yaml new file mode 100644 index 0000000..ec5e758 --- /dev/null +++ b/examples-generated/lists/v1alpha1/iplist.yaml @@ -0,0 +1,21 @@ +apiVersion: lists.cloudflare.upbound.io/v1alpha1 +kind: IPList +metadata: + annotations: + meta.upbound.io/example-id: lists/v1alpha1/iplist + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: list description + item: + - comment: Office IP + value: 192.0.2.1 + - comment: Datacenter range + value: 203.0.113.0/24 + kind: ip + name: example_list diff --git a/examples-generated/lists/v1alpha1/list.yaml b/examples-generated/lists/v1alpha1/list.yaml new file mode 100644 index 0000000..eb3170d --- /dev/null +++ b/examples-generated/lists/v1alpha1/list.yaml @@ -0,0 +1,23 @@ +apiVersion: lists.cloudflare.upbound.io/v1alpha1 +kind: List +metadata: + annotations: + meta.upbound.io/example-id: lists/v1alpha1/list + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: example IPs for a list + item: + - comment: one + value: + - ip: 192.0.2.0 + - comment: two + value: + - ip: 192.0.2.1 + kind: ip + name: example list diff --git a/examples-generated/loadbalancer/v1alpha1/loadbalancer.yaml b/examples-generated/loadbalancer/v1alpha1/loadbalancer.yaml new file mode 100644 index 0000000..0861d9b --- /dev/null +++ b/examples-generated/loadbalancer/v1alpha1/loadbalancer.yaml @@ -0,0 +1,60 @@ +apiVersion: loadbalancer.cloudflare.upbound.io/v1alpha1 +kind: LoadBalancer +metadata: + annotations: + meta.upbound.io/example-id: loadbalancer/v1alpha1/loadbalancer + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + countryPools: + - country: US + poolIdsRefs: + - name: example + defaultPoolIdsRefs: + - name: example + description: example load balancer using geo-balancing + fallbackPoolIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: example-load-balancer.example.com + popPools: + - poolIdsRefs: + - name: example + pop: LAX + proxied: true + regionPools: + - poolIdsRefs: + - name: example + region: WNAM + rules: + - condition: http.request.uri.path contains "testing" + fixedResponse: + - contentType: html + location: www.example.com + messageBody: hello + statusCode: 200 + name: example rule + steeringPolicy: geo + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: loadbalancer.cloudflare.upbound.io/v1alpha1 +kind: Pool +metadata: + annotations: + meta.upbound.io/example-id: loadbalancer/v1alpha1/loadbalancer + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + name: example-lb-pool + origins: + - address: 192.0.2.1 + enabled: false + name: example-1 diff --git a/examples-generated/loadbalancer/v1alpha1/monitor.yaml b/examples-generated/loadbalancer/v1alpha1/monitor.yaml new file mode 100644 index 0000000..00bd95f --- /dev/null +++ b/examples-generated/loadbalancer/v1alpha1/monitor.yaml @@ -0,0 +1,26 @@ +apiVersion: loadbalancer.cloudflare.upbound.io/v1alpha1 +kind: Monitor +metadata: + annotations: + meta.upbound.io/example-id: loadbalancer/v1alpha1/monitor + labels: + testing.upbound.io/example-name: http_monitor + name: http-monitor +spec: + forProvider: + allowInsecure: false + description: example http load balancer + expectedBody: alive + expectedCodes: 2xx + followRedirects: true + header: + - header: Host + values: + - example.com + interval: 60 + method: GET + path: /health + probeZone: example.com + retries: 5 + timeout: 7 + type: http diff --git a/examples-generated/loadbalancer/v1alpha1/pool.yaml b/examples-generated/loadbalancer/v1alpha1/pool.yaml new file mode 100644 index 0000000..8b05d9a --- /dev/null +++ b/examples-generated/loadbalancer/v1alpha1/pool.yaml @@ -0,0 +1,38 @@ +apiVersion: loadbalancer.cloudflare.upbound.io/v1alpha1 +kind: Pool +metadata: + annotations: + meta.upbound.io/example-id: loadbalancer/v1alpha1/pool + labels: + testing.upbound.io/example-name: foo + name: foo +spec: + forProvider: + description: example load balancer pool + enabled: false + latitude: 55 + loadShedding: + - defaultPercent: 55 + defaultPolicy: random + sessionPercent: 12 + sessionPolicy: hash + longitude: -12 + minimumOrigins: 1 + name: example-pool + notificationEmail: someone@example.com + originSteering: + - policy: random + origins: + - address: 192.0.2.1 + enabled: false + header: + - header: Host + values: + - example-1 + name: example-1 + - address: 192.0.2.2 + header: + - header: Host + values: + - example-2 + name: example-2 diff --git a/examples-generated/logpush/v1alpha1/job.yaml b/examples-generated/logpush/v1alpha1/job.yaml new file mode 100644 index 0000000..ee08114 --- /dev/null +++ b/examples-generated/logpush/v1alpha1/job.yaml @@ -0,0 +1,55 @@ +apiVersion: logpush.cloudflare.upbound.io/v1alpha1 +kind: Job +metadata: + annotations: + meta.upbound.io/example-id: logpush/v1alpha1/job + labels: + testing.upbound.io/example-name: http_requests + name: http-requests +spec: + forProvider: + dataset: http_requests + destinationConf: r2://cloudflare-logs/http_requests/date={DATE}?account-id=${var.account_id}&access-key-id=${cloudflare_api_token.logpush_r2_token.id}&secret-access-key=${sha256(cloudflare_api_token.logpush_r2_token.value)} + enabled: true + logpullOptions: fields=ClientIP,ClientRequestHost,ClientRequestMethod,ClientRequestURI,EdgeEndTimestamp,EdgeResponseBytes,EdgeResponseStatus,EdgeStartTimestamp,RayID×tamps=rfc3339 + name: http_requests + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: account.cloudflare.upbound.io/v1alpha1 +kind: APIToken +metadata: + annotations: + meta.upbound.io/example-id: logpush/v1alpha1/job + labels: + testing.upbound.io/example-name: logpush_r2_token + name: logpush-r2-token +spec: + forProvider: + name: logpush_r2_token + policy: + - permissionGroups: + - ${data.cloudflare_api_token_permission_groups.all.permissions["Workers R2 + Storage Write"]} + resources: + com.cloudflare.api.account.*: '*' + +--- + +apiVersion: logpush.cloudflare.upbound.io/v1alpha1 +kind: OwnershipChallenge +metadata: + annotations: + meta.upbound.io/example-id: logpush/v1alpha1/job + labels: + testing.upbound.io/example-name: ownership_challenge + name: ownership-challenge +spec: + forProvider: + destinationConf: s3://my-bucket-path?region=us-west-2 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/logpush/v1alpha1/ownershipchallenge.yaml b/examples-generated/logpush/v1alpha1/ownershipchallenge.yaml new file mode 100644 index 0000000..abf0bcc --- /dev/null +++ b/examples-generated/logpush/v1alpha1/ownershipchallenge.yaml @@ -0,0 +1,14 @@ +apiVersion: logpush.cloudflare.upbound.io/v1alpha1 +kind: OwnershipChallenge +metadata: + annotations: + meta.upbound.io/example-id: logpush/v1alpha1/ownershipchallenge + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + destinationConf: s3://my-bucket-path?region=us-west-2 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/magic/v1alpha1/firewallruleset.yaml b/examples-generated/magic/v1alpha1/firewallruleset.yaml new file mode 100644 index 0000000..743fed0 --- /dev/null +++ b/examples-generated/magic/v1alpha1/firewallruleset.yaml @@ -0,0 +1,24 @@ +apiVersion: magic.cloudflare.upbound.io/v1alpha1 +kind: FirewallRuleset +metadata: + annotations: + meta.upbound.io/example-id: magic/v1alpha1/firewallruleset + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: Global mitigations + name: Magic Transit Ruleset + rules: + - action: allow + description: Allow TCP Ephemeral Ports + enabled: "true" + expression: tcp.dstport in { 32768..65535 } + - action: block + description: Block all + enabled: "true" + expression: ip.len >= 0 diff --git a/examples-generated/magic/v1alpha1/gretunnel.yaml b/examples-generated/magic/v1alpha1/gretunnel.yaml new file mode 100644 index 0000000..0ad8922 --- /dev/null +++ b/examples-generated/magic/v1alpha1/gretunnel.yaml @@ -0,0 +1,23 @@ +apiVersion: magic.cloudflare.upbound.io/v1alpha1 +kind: GRETunnel +metadata: + annotations: + meta.upbound.io/example-id: magic/v1alpha1/gretunnel + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + cloudflareGreEndpoint: 203.0.113.1 + customerGreEndpoint: 203.0.113.1 + description: Tunnel for ISP X + healthCheckEnabled: true + healthCheckTarget: 203.0.113.1 + healthCheckType: reply + interfaceAddress: 192.0.2.0/31 + mtu: 1476 + name: GRE_1 + ttl: 64 diff --git a/examples-generated/magic/v1alpha1/ipsectunnel.yaml b/examples-generated/magic/v1alpha1/ipsectunnel.yaml new file mode 100644 index 0000000..6a8916a --- /dev/null +++ b/examples-generated/magic/v1alpha1/ipsectunnel.yaml @@ -0,0 +1,26 @@ +apiVersion: magic.cloudflare.upbound.io/v1alpha1 +kind: IPsecTunnel +metadata: + annotations: + meta.upbound.io/example-id: magic/v1alpha1/ipsectunnel + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + allowNullCipher: false + cloudflareEndpoint: 203.0.113.1 + customerEndpoint: 203.0.113.1 + description: Tunnel for ISP X + healthCheckEnabled: true + healthCheckTarget: 203.0.113.1 + healthCheckType: reply + interfaceAddress: 192.0.2.0/31 + name: IPsec_1 + pskSecretRef: + key: example-key + name: example-secret + namespace: upbound-system diff --git a/examples-generated/magic/v1alpha1/staticroute.yaml b/examples-generated/magic/v1alpha1/staticroute.yaml new file mode 100644 index 0000000..1269939 --- /dev/null +++ b/examples-generated/magic/v1alpha1/staticroute.yaml @@ -0,0 +1,22 @@ +apiVersion: magic.cloudflare.upbound.io/v1alpha1 +kind: StaticRoute +metadata: + annotations: + meta.upbound.io/example-id: magic/v1alpha1/staticroute + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + coloNames: + - den01 + coloRegions: + - APAC + description: New route for new prefix 192.0.2.0/24 + nexthop: 10.0.0.0 + prefix: 192.0.2.0/24 + priority: 100 + weight: 10 diff --git a/examples-generated/notification/v1alpha1/policy.yaml b/examples-generated/notification/v1alpha1/policy.yaml new file mode 100644 index 0000000..26353a9 --- /dev/null +++ b/examples-generated/notification/v1alpha1/policy.yaml @@ -0,0 +1,25 @@ +apiVersion: notification.cloudflare.upbound.io/v1alpha1 +kind: Policy +metadata: + annotations: + meta.upbound.io/example-id: notification/v1alpha1/policy + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + alertType: universal_ssl_event_type + description: Notification policy to alert when my SSL certificates are modified + emailIntegration: + - id: myemail@example.com + enabled: true + name: Policy for SSL notification events + pagerdutyIntegration: + - id: 850129d136459401860572c5d964d27k + webhooksIntegration: + - idSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/notification/v1alpha1/policywebhooks.yaml b/examples-generated/notification/v1alpha1/policywebhooks.yaml new file mode 100644 index 0000000..910e23a --- /dev/null +++ b/examples-generated/notification/v1alpha1/policywebhooks.yaml @@ -0,0 +1,16 @@ +apiVersion: notification.cloudflare.upbound.io/v1alpha1 +kind: PolicyWebhooks +metadata: + annotations: + meta.upbound.io/example-id: notification/v1alpha1/policywebhooks + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: Webhooks destination + secret: my-secret + url: https://example.com diff --git a/examples-generated/originca/v1alpha1/certificate.yaml b/examples-generated/originca/v1alpha1/certificate.yaml new file mode 100644 index 0000000..2b566ee --- /dev/null +++ b/examples-generated/originca/v1alpha1/certificate.yaml @@ -0,0 +1,15 @@ +apiVersion: originca.cloudflare.upbound.io/v1alpha1 +kind: Certificate +metadata: + annotations: + meta.upbound.io/example-id: originca/v1alpha1/certificate + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + csr: ${tls_cert_request.example.cert_request_pem} + hostnames: + - example.com + requestType: origin-rsa + requestedValidity: 7 diff --git a/examples-generated/page/v1alpha1/rule.yaml b/examples-generated/page/v1alpha1/rule.yaml new file mode 100644 index 0000000..48c75e6 --- /dev/null +++ b/examples-generated/page/v1alpha1/rule.yaml @@ -0,0 +1,22 @@ +apiVersion: page.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: page/v1alpha1/rule + labels: + testing.upbound.io/example-name: foobar + name: foobar +spec: + forProvider: + actions: + - emailObfuscation: "on" + minify: + - css: "on" + html: "off" + js: "on" + ssl: flexible + priority: 1 + target: sub.${var.cloudflare_zone}/page + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/pages/v1alpha1/domain.yaml b/examples-generated/pages/v1alpha1/domain.yaml new file mode 100644 index 0000000..fef774b --- /dev/null +++ b/examples-generated/pages/v1alpha1/domain.yaml @@ -0,0 +1,17 @@ +apiVersion: pages.cloudflare.upbound.io/v1alpha1 +kind: Domain +metadata: + annotations: + meta.upbound.io/example-id: pages/v1alpha1/domain + labels: + testing.upbound.io/example-name: my-domain + name: my-domain +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + domain: example.com + projectNameSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/pages/v1alpha1/project.yaml b/examples-generated/pages/v1alpha1/project.yaml new file mode 100644 index 0000000..f0c25e4 --- /dev/null +++ b/examples-generated/pages/v1alpha1/project.yaml @@ -0,0 +1,15 @@ +apiVersion: pages.cloudflare.upbound.io/v1alpha1 +kind: Project +metadata: + annotations: + meta.upbound.io/example-id: pages/v1alpha1/project + labels: + testing.upbound.io/example-name: basic_project + name: basic-project +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + name: this-is-my-project-01 + productionBranch: main diff --git a/examples-generated/ruleset/v1alpha1/ruleset.yaml b/examples-generated/ruleset/v1alpha1/ruleset.yaml new file mode 100644 index 0000000..bbd1008 --- /dev/null +++ b/examples-generated/ruleset/v1alpha1/ruleset.yaml @@ -0,0 +1,21 @@ +apiVersion: ruleset.cloudflare.upbound.io/v1alpha1 +kind: Ruleset +metadata: + annotations: + meta.upbound.io/example-id: ruleset/v1alpha1/ruleset + labels: + testing.upbound.io/example-name: magic_transit_example + name: magic-transit-example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: example magic transit ruleset description + kind: root + name: account magic transit + phase: magic_transit + rules: + - action: allow + description: Allow TCP Ephemeral Ports + expression: tcp.dstport in { 32768..65535 } diff --git a/examples-generated/spectrum/v1alpha1/application.yaml b/examples-generated/spectrum/v1alpha1/application.yaml new file mode 100644 index 0000000..6ce6ab5 --- /dev/null +++ b/examples-generated/spectrum/v1alpha1/application.yaml @@ -0,0 +1,20 @@ +apiVersion: spectrum.cloudflare.upbound.io/v1alpha1 +kind: Application +metadata: + annotations: + meta.upbound.io/example-id: spectrum/v1alpha1/application + labels: + testing.upbound.io/example-name: ssh_proxy + name: ssh-proxy +spec: + forProvider: + dns: + - name: ssh.example.com + type: CNAME + originDirect: + - tcp://109.151.40.129:22 + protocol: tcp/22 + trafficType: direct + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/teams/v1alpha1/account.yaml b/examples-generated/teams/v1alpha1/account.yaml new file mode 100644 index 0000000..d14a50a --- /dev/null +++ b/examples-generated/teams/v1alpha1/account.yaml @@ -0,0 +1,41 @@ +apiVersion: teams.cloudflare.upbound.io/v1alpha1 +kind: Account +metadata: + annotations: + meta.upbound.io/example-id: teams/v1alpha1/account + labels: + testing.upbound.io/example-name: main + name: main +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + antivirus: + - enabledDownloadPhase: true + enabledUploadPhase: false + failClosed: true + blockPage: + - backgroundColor: '#000000' + footerText: hello + headerText: hello + logoPath: https://google.com + fips: + - tls: true + logging: + - redactPii: true + settingsByRuleType: + - dns: + - logAll: false + logBlocks: true + http: + - logAll: true + logBlocks: true + l4: + - logAll: false + logBlocks: true + proxy: + - tcp: true + udp: true + tlsDecryptEnabled: true + urlBrowserIsolationEnabled: true diff --git a/examples-generated/teams/v1alpha1/list.yaml b/examples-generated/teams/v1alpha1/list.yaml new file mode 100644 index 0000000..84cabc2 --- /dev/null +++ b/examples-generated/teams/v1alpha1/list.yaml @@ -0,0 +1,20 @@ +apiVersion: teams.cloudflare.upbound.io/v1alpha1 +kind: List +metadata: + annotations: + meta.upbound.io/example-id: teams/v1alpha1/list + labels: + testing.upbound.io/example-name: corporate_devices + name: corporate-devices +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: Serial numbers for all corporate devices. + items: + - 8GE8721REF + - 5RE8543EGG + - 1YE2880LNP + name: Corporate devices + type: SERIAL diff --git a/examples-generated/teams/v1alpha1/location.yaml b/examples-generated/teams/v1alpha1/location.yaml new file mode 100644 index 0000000..ee2d742 --- /dev/null +++ b/examples-generated/teams/v1alpha1/location.yaml @@ -0,0 +1,18 @@ +apiVersion: teams.cloudflare.upbound.io/v1alpha1 +kind: Location +metadata: + annotations: + meta.upbound.io/example-id: teams/v1alpha1/location + labels: + testing.upbound.io/example-name: corporate_office + name: corporate-office +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + clientDefault: true + name: office + networks: + - network: 203.0.113.1/32 + - network: 203.0.113.2/32 diff --git a/examples-generated/teams/v1alpha1/proxyendpoint.yaml b/examples-generated/teams/v1alpha1/proxyendpoint.yaml new file mode 100644 index 0000000..c101072 --- /dev/null +++ b/examples-generated/teams/v1alpha1/proxyendpoint.yaml @@ -0,0 +1,16 @@ +apiVersion: teams.cloudflare.upbound.io/v1alpha1 +kind: ProxyEndpoint +metadata: + annotations: + meta.upbound.io/example-id: teams/v1alpha1/proxyendpoint + labels: + testing.upbound.io/example-name: corporate_office + name: corporate-office +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + ips: + - 192.0.2.0/24 + name: office diff --git a/examples-generated/teams/v1alpha1/rule.yaml b/examples-generated/teams/v1alpha1/rule.yaml new file mode 100644 index 0000000..cafb4e0 --- /dev/null +++ b/examples-generated/teams/v1alpha1/rule.yaml @@ -0,0 +1,23 @@ +apiVersion: teams.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: teams/v1alpha1/rule + labels: + testing.upbound.io/example-name: rule1 + name: rule1 +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + action: block + description: desc + filters: + - http + name: office + precedence: 1 + ruleSettings: + - blockPageEnabled: true + blockPageReason: access not permitted + traffic: http.request.uri == "https://www.example.com/malicious" diff --git a/examples-generated/waf/v1alpha1/group.yaml b/examples-generated/waf/v1alpha1/group.yaml new file mode 100644 index 0000000..13c6268 --- /dev/null +++ b/examples-generated/waf/v1alpha1/group.yaml @@ -0,0 +1,15 @@ +apiVersion: waf.cloudflare.upbound.io/v1alpha1 +kind: Group +metadata: + annotations: + meta.upbound.io/example-id: waf/v1alpha1/group + labels: + testing.upbound.io/example-name: honey_pot + name: honey-pot +spec: + forProvider: + groupId: de677e5818985db1285d0e80225f06e5 + mode: "on" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waf/v1alpha1/override.yaml b/examples-generated/waf/v1alpha1/override.yaml new file mode 100644 index 0000000..bf5ee8b --- /dev/null +++ b/examples-generated/waf/v1alpha1/override.yaml @@ -0,0 +1,23 @@ +apiVersion: waf.cloudflare.upbound.io/v1alpha1 +kind: Override +metadata: + annotations: + meta.upbound.io/example-id: waf/v1alpha1/override + labels: + testing.upbound.io/example-name: shop_ecxample + name: shop-ecxample +spec: + forProvider: + groups: + ea8687e59929c1fd05ba97574ad43f77: default + rewriteAction: + challenge: block + default: block + rules: + "100015": disable + urls: + - example.com/no-waf-here + - example.com/another/path/* + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waf/v1alpha1/rule.yaml b/examples-generated/waf/v1alpha1/rule.yaml new file mode 100644 index 0000000..5a8f0c9 --- /dev/null +++ b/examples-generated/waf/v1alpha1/rule.yaml @@ -0,0 +1,15 @@ +apiVersion: waf.cloudflare.upbound.io/v1alpha1 +kind: Rule +metadata: + annotations: + meta.upbound.io/example-id: waf/v1alpha1/rule + labels: + testing.upbound.io/example-name: rule_100000 + name: rule-100000 +spec: + forProvider: + mode: simulate + ruleId: "100000" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waf/v1alpha1/wafpackage.yaml b/examples-generated/waf/v1alpha1/wafpackage.yaml new file mode 100644 index 0000000..ef121c5 --- /dev/null +++ b/examples-generated/waf/v1alpha1/wafpackage.yaml @@ -0,0 +1,16 @@ +apiVersion: waf.cloudflare.upbound.io/v1alpha1 +kind: WAFPackage +metadata: + annotations: + meta.upbound.io/example-id: waf/v1alpha1/wafpackage + labels: + testing.upbound.io/example-name: owasp + name: owasp +spec: + forProvider: + actionMode: simulate + packageId: a25a9a7e9c00afc1fb2e0245519d725b + sensitivity: medium + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waitingroom/v1alpha1/event.yaml b/examples-generated/waitingroom/v1alpha1/event.yaml new file mode 100644 index 0000000..0897e10 --- /dev/null +++ b/examples-generated/waitingroom/v1alpha1/event.yaml @@ -0,0 +1,19 @@ +apiVersion: waitingroom.cloudflare.upbound.io/v1alpha1 +kind: Event +metadata: + annotations: + meta.upbound.io/example-id: waitingroom/v1alpha1/event + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + eventEndTime: "2006-01-02T20:04:05Z" + eventStartTime: "2006-01-02T15:04:05Z" + name: foo + waitingRoomIdSelector: + matchLabels: + testing.upbound.io/example-name: example + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waitingroom/v1alpha1/room.yaml b/examples-generated/waitingroom/v1alpha1/room.yaml new file mode 100644 index 0000000..eb9e439 --- /dev/null +++ b/examples-generated/waitingroom/v1alpha1/room.yaml @@ -0,0 +1,18 @@ +apiVersion: waitingroom.cloudflare.upbound.io/v1alpha1 +kind: Room +metadata: + annotations: + meta.upbound.io/example-id: waitingroom/v1alpha1/room + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + host: foo.example.com + name: foo + newUsersPerMinute: 200 + path: / + totalActiveUsers: 200 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/waitingroom/v1alpha1/rules.yaml b/examples-generated/waitingroom/v1alpha1/rules.yaml new file mode 100644 index 0000000..8a4b907 --- /dev/null +++ b/examples-generated/waitingroom/v1alpha1/rules.yaml @@ -0,0 +1,25 @@ +apiVersion: waitingroom.cloudflare.upbound.io/v1alpha1 +kind: Rules +metadata: + annotations: + meta.upbound.io/example-id: waitingroom/v1alpha1/rules + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + rules: + - action: bypass_waiting_room + description: bypass ip list + expression: src.ip in {192.0.2.0 192.0.2.1} + status: enabled + - action: bypass_waiting_room + description: bypass query string + expression: http.request.uri.query contains "bypass=true" + status: enabled + waitingRoomIdSelector: + matchLabels: + testing.upbound.io/example-name: example + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/warp/v1alpha1/devicepolicycertificates.yaml b/examples-generated/warp/v1alpha1/devicepolicycertificates.yaml new file mode 100644 index 0000000..505f5b1 --- /dev/null +++ b/examples-generated/warp/v1alpha1/devicepolicycertificates.yaml @@ -0,0 +1,14 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: DevicePolicyCertificates +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/devicepolicycertificates + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + enabled: true + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/warp/v1alpha1/devicepostureintegration.yaml b/examples-generated/warp/v1alpha1/devicepostureintegration.yaml new file mode 100644 index 0000000..1c1570d --- /dev/null +++ b/examples-generated/warp/v1alpha1/devicepostureintegration.yaml @@ -0,0 +1,24 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: DevicePostureIntegration +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/devicepostureintegration + labels: + testing.upbound.io/example-name: third_party_devices_posture_integration + name: third-party-devices-posture-integration +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + config: + - apiUrl: https://example.com/api + authUrl: https://example.com/connect/token + clientId: client-id + clientSecretSecretRef: + key: example-key + name: example-secret + namespace: upbound-system + interval: 24h + name: Device posture integration + type: workspace_one diff --git a/examples-generated/warp/v1alpha1/deviceposturerule.yaml b/examples-generated/warp/v1alpha1/deviceposturerule.yaml new file mode 100644 index 0000000..f5e245b --- /dev/null +++ b/examples-generated/warp/v1alpha1/deviceposturerule.yaml @@ -0,0 +1,26 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: DevicePostureRule +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/deviceposturerule + labels: + testing.upbound.io/example-name: eaxmple + name: eaxmple +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + description: Device posture rule for corporate devices. + expiration: 24h + input: + - id: ${cloudflare_teams_list.corporate_devices.id} + operator: < + osDistroName: ubuntu + osDistroRevision: 1.0.0 + version: 1.0.0 + match: + - platform: linux + name: Corporate devices posture rule + schedule: 24h + type: os_version diff --git a/examples-generated/warp/v1alpha1/devicesettingspolicy.yaml b/examples-generated/warp/v1alpha1/devicesettingspolicy.yaml new file mode 100644 index 0000000..d81e92f --- /dev/null +++ b/examples-generated/warp/v1alpha1/devicesettingspolicy.yaml @@ -0,0 +1,28 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: DeviceSettingsPolicy +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/devicesettingspolicy + labels: + testing.upbound.io/example-name: developer_warp_policy + name: developer-warp-policy +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + allowModeSwitch: true + allowUpdates: true + allowedToLeave: true + autoConnect: 0 + captivePortal: 5 + default: false + disableAutoFallback: true + enabled: true + match: any(identity.groups.name[*] in {"Developers"}) + name: Developers WARP settings policy + precedence: 10 + serviceModeV2Mode: warp + serviceModeV2Port: 3000 + supportUrl: https://cloudflare.com + switchLocked: true diff --git a/examples-generated/warp/v1alpha1/fallbackdomain.yaml b/examples-generated/warp/v1alpha1/fallbackdomain.yaml new file mode 100644 index 0000000..b1a6e1b --- /dev/null +++ b/examples-generated/warp/v1alpha1/fallbackdomain.yaml @@ -0,0 +1,39 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: FallbackDomain +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/fallbackdomain + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + domains: + - description: Example domain + dnsServer: + - 192.0.2.0 + - 192.0.2.1 + suffix: example.com + +--- + +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: DeviceSettingsPolicy +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/fallbackdomain + labels: + testing.upbound.io/example-name: developer_warp_policy + name: developer-warp-policy +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + match: any(identity.groups.name[*] in {"Developers"}) + name: Developers + precedence: 10 + switchLocked: true diff --git a/examples-generated/warp/v1alpha1/splittunnel.yaml b/examples-generated/warp/v1alpha1/splittunnel.yaml new file mode 100644 index 0000000..f031b9d --- /dev/null +++ b/examples-generated/warp/v1alpha1/splittunnel.yaml @@ -0,0 +1,17 @@ +apiVersion: warp.cloudflare.upbound.io/v1alpha1 +kind: SplitTunnel +metadata: + annotations: + meta.upbound.io/example-id: warp/v1alpha1/splittunnel + labels: + testing.upbound.io/example-name: example_split_tunnel_exclude + name: example-split-tunnel-exclude +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + mode: exclude + tunnels: + - description: example domain + host: '*.example.com' diff --git a/examples-generated/worker/v1alpha1/crontrigger.yaml b/examples-generated/worker/v1alpha1/crontrigger.yaml new file mode 100644 index 0000000..73bc7cd --- /dev/null +++ b/examples-generated/worker/v1alpha1/crontrigger.yaml @@ -0,0 +1,35 @@ +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: CronTrigger +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/crontrigger + labels: + testing.upbound.io/example-name: example_trigger + name: example-trigger +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + schedules: + - '*/5 * * * *' + - 10 7 * * mon-fri + scriptNameSelector: + matchLabels: + testing.upbound.io/example-name: example_script + +--- + +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: Script +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/crontrigger + labels: + testing.upbound.io/example-name: example_script + name: example-script +spec: + forProvider: + accountId: f037e56e89293a057740de681ac9abbe + content: ${file("path/to/my.js")} + name: example-script diff --git a/examples-generated/worker/v1alpha1/kv.yaml b/examples-generated/worker/v1alpha1/kv.yaml new file mode 100644 index 0000000..0b03722 --- /dev/null +++ b/examples-generated/worker/v1alpha1/kv.yaml @@ -0,0 +1,35 @@ +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: KV +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/kv + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + key: test-key + namespaceIdSelector: + matchLabels: + testing.upbound.io/example-name: example_ns + value: test value + +--- + +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: KVNamespace +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/kv + labels: + testing.upbound.io/example-name: example_ns + name: example-ns +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + title: test-namespace diff --git a/examples-generated/worker/v1alpha1/kvnamespace.yaml b/examples-generated/worker/v1alpha1/kvnamespace.yaml new file mode 100644 index 0000000..04ed885 --- /dev/null +++ b/examples-generated/worker/v1alpha1/kvnamespace.yaml @@ -0,0 +1,14 @@ +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: KVNamespace +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/kvnamespace + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + title: test-namespace diff --git a/examples-generated/worker/v1alpha1/route.yaml b/examples-generated/worker/v1alpha1/route.yaml new file mode 100644 index 0000000..e7c86a0 --- /dev/null +++ b/examples-generated/worker/v1alpha1/route.yaml @@ -0,0 +1,30 @@ +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: Route +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/route + labels: + testing.upbound.io/example-name: my_route + name: my-route +spec: + forProvider: + pattern: example.com/* + scriptNameSelector: + matchLabels: + testing.upbound.io/example-name: my_script + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: Script +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/route + labels: + testing.upbound.io/example-name: my_script + name: my-script +spec: + forProvider: {} diff --git a/examples-generated/worker/v1alpha1/script.yaml b/examples-generated/worker/v1alpha1/script.yaml new file mode 100644 index 0000000..b6b68ef --- /dev/null +++ b/examples-generated/worker/v1alpha1/script.yaml @@ -0,0 +1,57 @@ +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: Script +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/script + labels: + testing.upbound.io/example-name: my_script + name: my-script +spec: + forProvider: + accountId: f037e56e89293a057740de681ac9abbe + analyticsEngineBinding: + - dataset: dataset1 + name: MY_DATASET + content: ${file("script.js")} + kvNamespaceBinding: + - name: MY_EXAMPLE_KV_NAMESPACE + namespaceIdSelector: + matchLabels: + testing.upbound.io/example-name: my_namespace + name: script_1 + plainTextBinding: + - name: MY_EXAMPLE_PLAIN_TEXT + text: foobar + r2BucketBinding: + - bucketName: MY_BUCKET_NAME + name: MY_BUCKET + secretTextBinding: + - name: MY_EXAMPLE_SECRET_TEXT + textSecretRef: + key: example-key + name: example-secret + namespace: upbound-system + serviceBinding: + - environment: production + name: MY_SERVICE_BINDING + service: MY_SERVICE + webassemblyBinding: + - module: ${filebase64("example.wasm")} + name: MY_EXAMPLE_WASM + +--- + +apiVersion: worker.cloudflare.upbound.io/v1alpha1 +kind: KVNamespace +metadata: + annotations: + meta.upbound.io/example-id: worker/v1alpha1/script + labels: + testing.upbound.io/example-name: my_namespace + name: my-namespace +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + title: example diff --git a/examples-generated/zone/v1alpha1/dnssec.yaml b/examples-generated/zone/v1alpha1/dnssec.yaml new file mode 100644 index 0000000..39f9ce1 --- /dev/null +++ b/examples-generated/zone/v1alpha1/dnssec.yaml @@ -0,0 +1,27 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: DNSSEC +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/dnssec + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example + +--- + +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: Zone +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/dnssec + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + zone: example.com diff --git a/examples-generated/zone/v1alpha1/healthcheck.yaml b/examples-generated/zone/v1alpha1/healthcheck.yaml new file mode 100644 index 0000000..5cb370c --- /dev/null +++ b/examples-generated/zone/v1alpha1/healthcheck.yaml @@ -0,0 +1,39 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: Healthcheck +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/healthcheck + labels: + testing.upbound.io/example-name: http_health_check + name: http-health-check +spec: + forProvider: + address: example.com + allowInsecure: false + checkRegions: + - WEU + - EEU + consecutiveFails: 3 + consecutiveSuccesses: 2 + description: example http health check + expectedBody: alive + expectedCodes: + - 2xx + - "301" + followRedirects: true + header: + - header: Host + values: + - example.com + interval: 60 + method: GET + name: http-health-check + path: /health + port: "443" + retries: 2 + suspended: false + timeout: 10 + type: HTTPS + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/logpullretention.yaml b/examples-generated/zone/v1alpha1/logpullretention.yaml new file mode 100644 index 0000000..b561846 --- /dev/null +++ b/examples-generated/zone/v1alpha1/logpullretention.yaml @@ -0,0 +1,14 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: LogpullRetention +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/logpullretention + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + enabled: "true" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/managedheaders.yaml b/examples-generated/zone/v1alpha1/managedheaders.yaml new file mode 100644 index 0000000..0fda9ae --- /dev/null +++ b/examples-generated/zone/v1alpha1/managedheaders.yaml @@ -0,0 +1,19 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: ManagedHeaders +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/managedheaders + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + managedRequestHeaders: + - enabled: true + id: add_true_client_ip_headers + managedResponseHeaders: + - enabled: true + id: remove_x-powered-by_header + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/ratelimit.yaml b/examples-generated/zone/v1alpha1/ratelimit.yaml new file mode 100644 index 0000000..6729de2 --- /dev/null +++ b/examples-generated/zone/v1alpha1/ratelimit.yaml @@ -0,0 +1,56 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: RateLimit +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/ratelimit + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + action: + - mode: simulate + response: + - body: custom response body + contentType: text/plain + timeout: 43200 + bypassUrlPatterns: + - ${var.cloudflare_zone}/bypass1 + - ${var.cloudflare_zone}/bypass2 + correlate: + - by: nat + description: example rate limit for a zone + disabled: false + match: + - request: + - methods: + - GET + - POST + - PUT + - DELETE + - PATCH + - HEAD + schemes: + - HTTP + - HTTPS + urlPattern: ${var.cloudflare_zone}/* + response: + - headers: + - name: Host + op: eq + value: localhost + - name: X-Example + op: ne + value: my-example + originTraffic: false + statuses: + - 200 + - 201 + - 202 + - 301 + - 429 + period: 2 + threshold: 2000 + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/settingsoverride.yaml b/examples-generated/zone/v1alpha1/settingsoverride.yaml new file mode 100644 index 0000000..69ec2cf --- /dev/null +++ b/examples-generated/zone/v1alpha1/settingsoverride.yaml @@ -0,0 +1,27 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: SettingsOverride +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/settingsoverride + labels: + testing.upbound.io/example-name: test + name: test +spec: + forProvider: + settings: + - automaticHttpsRewrites: "on" + brotli: "on" + challengeTtl: 2700 + minify: + - css: "on" + html: "off" + js: "off" + mirage: "on" + opportunisticEncryption: "on" + securityHeader: + - enabled: true + securityLevel: high + waf: "on" + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/tieredcache.yaml b/examples-generated/zone/v1alpha1/tieredcache.yaml new file mode 100644 index 0000000..2f9221a --- /dev/null +++ b/examples-generated/zone/v1alpha1/tieredcache.yaml @@ -0,0 +1,14 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: TieredCache +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/tieredcache + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + cacheType: smart + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/totaltls.yaml b/examples-generated/zone/v1alpha1/totaltls.yaml new file mode 100644 index 0000000..31cfe68 --- /dev/null +++ b/examples-generated/zone/v1alpha1/totaltls.yaml @@ -0,0 +1,15 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: TotalTLS +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/totaltls + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + certificateAuthority: lets_encrypt + enabled: true + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/urlnormalizationsettings.yaml b/examples-generated/zone/v1alpha1/urlnormalizationsettings.yaml new file mode 100644 index 0000000..e58a22f --- /dev/null +++ b/examples-generated/zone/v1alpha1/urlnormalizationsettings.yaml @@ -0,0 +1,15 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: URLNormalizationSettings +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/urlnormalizationsettings + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + scope: incoming + type: cloudflare + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/useragentblockingrule.yaml b/examples-generated/zone/v1alpha1/useragentblockingrule.yaml new file mode 100644 index 0000000..cbafce3 --- /dev/null +++ b/examples-generated/zone/v1alpha1/useragentblockingrule.yaml @@ -0,0 +1,19 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: UserAgentBlockingRule +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/useragentblockingrule + labels: + testing.upbound.io/example-name: example_1 + name: example-1 +spec: + forProvider: + configuration: + - target: ua + value: Chrome + description: My description 1 + mode: js_challenge + paused: false + zoneIdSelector: + matchLabels: + testing.upbound.io/example-name: example diff --git a/examples-generated/zone/v1alpha1/zone.yaml b/examples-generated/zone/v1alpha1/zone.yaml new file mode 100644 index 0000000..16e46ba --- /dev/null +++ b/examples-generated/zone/v1alpha1/zone.yaml @@ -0,0 +1,14 @@ +apiVersion: zone.cloudflare.upbound.io/v1alpha1 +kind: Zone +metadata: + annotations: + meta.upbound.io/example-id: zone/v1alpha1/zone + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + accountIdSelector: + matchLabels: + testing.upbound.io/example-name: example + zone: example.com diff --git a/go.mod b/go.mod index 99725db..8346c03 100644 --- a/go.mod +++ b/go.mod @@ -1,92 +1,79 @@ module github.com/cdloh/provider-cloudflare -go 1.19 +go 1.21 + +toolchain go1.22.1 require ( - github.com/crossplane/crossplane-runtime v0.19.0-rc.0.0.20221012013934-bce61005a175 - github.com/crossplane/crossplane-tools v0.0.0-20220310165030-1f43fc12793e + dario.cat/mergo v1.0.0 + github.com/crossplane/crossplane-runtime v1.15.1 + github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79 + github.com/crossplane/upjet v1.1.0 github.com/pkg/errors v0.9.1 - github.com/upbound/upjet v0.8.0-rc.0.0.20221024111721-c82119f5ef34 gopkg.in/alecthomas/kingpin.v2 v2.2.6 - k8s.io/apimachinery v0.25.0 - k8s.io/client-go v0.25.0 - sigs.k8s.io/controller-runtime v0.12.1 - sigs.k8s.io/controller-tools v0.8.0 + k8s.io/apimachinery v0.29.3 + k8s.io/client-go v0.29.3 + sigs.k8s.io/controller-runtime v0.17.2 + sigs.k8s.io/controller-tools v0.14.0 ) require ( - github.com/PuerkitoBio/purell v1.1.1 // indirect - github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect - github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a // indirect + github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect github.com/antchfx/htmlquery v1.2.4 // indirect github.com/antchfx/xpath v1.2.0 // indirect - github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect - github.com/armon/go-metrics v0.3.9 // indirect - github.com/armon/go-radix v1.0.0 // indirect + github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cenkalti/backoff/v3 v3.0.0 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/dave/jennifer v1.4.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.8.0 // indirect - github.com/evanphx/json-patch v4.12.0+incompatible // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/evanphx/json-patch v5.6.0+incompatible // indirect + github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/fatih/camelcase v1.0.0 // indirect - github.com/fatih/color v1.13.0 // indirect - github.com/fsnotify/fsnotify v1.5.4 // indirect - github.com/go-logr/logr v1.2.3 // indirect - github.com/go-logr/zapr v1.2.3 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.19.5 // indirect - github.com/go-openapi/swag v0.19.14 // indirect - github.com/gobuffalo/flect v0.2.3 // indirect + github.com/fatih/color v1.16.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/mock v1.6.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect - github.com/golang/snappy v0.0.4 // indirect - github.com/google/gnostic v0.5.7-v3refs // indirect - github.com/google/go-cmp v0.5.9 // indirect - github.com/google/gofuzz v1.1.0 // indirect - github.com/google/uuid v1.1.2 // indirect - github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/uuid v1.4.0 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect - github.com/hashicorp/go-hclog v1.2.1 // indirect - github.com/hashicorp/go-immutable-radix v1.3.1 // indirect - github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.4.4 // indirect - github.com/hashicorp/go-retryablehttp v0.6.6 // indirect - github.com/hashicorp/go-rootcerts v1.0.2 // indirect - github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 // indirect - github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1 // indirect - github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 // indirect - github.com/hashicorp/go-sockaddr v1.0.2 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect + github.com/hashicorp/go-plugin v1.5.1 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect - github.com/hashicorp/golang-lru v0.5.4 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect - github.com/hashicorp/hcl/v2 v2.14.1 // indirect + github.com/hashicorp/hcl/v2 v2.19.1 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-json v0.14.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.14.0 // indirect - github.com/hashicorp/terraform-plugin-log v0.7.0 // indirect - github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 // indirect - github.com/hashicorp/vault/api v1.3.1 // indirect - github.com/hashicorp/vault/sdk v0.3.0 // indirect + github.com/hashicorp/terraform-json v0.17.1 // indirect + github.com/hashicorp/terraform-plugin-framework v1.4.1 // indirect + github.com/hashicorp/terraform-plugin-go v0.19.0 // indirect + github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-plugin-sdk/v2 v2.30.0 // indirect + github.com/hashicorp/terraform-registry-address v0.2.2 // indirect + github.com/hashicorp/terraform-svchost v0.1.1 // indirect github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect github.com/iancoleman/strcase v0.2.0 // indirect - github.com/imdario/mergo v0.3.12 // indirect - github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.6 // indirect - github.com/mattn/go-colorable v0.1.12 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/go-ps v1.0.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect @@ -96,49 +83,46 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7 // indirect github.com/oklog/run v1.0.0 // indirect - github.com/pierrec/lz4 v2.5.2+incompatible // indirect - github.com/prometheus/client_golang v1.12.2 // indirect - github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.32.1 // indirect - github.com/prometheus/procfs v0.7.3 // indirect - github.com/ryanuber/go-glob v1.0.0 // indirect - github.com/spf13/afero v1.8.0 // indirect - github.com/spf13/cobra v1.4.0 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect + github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cobra v1.8.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/tmccombs/hcl2json v0.3.3 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect - github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect - github.com/vmihailenco/tagparser v0.1.1 // indirect + github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect github.com/yuin/goldmark v1.4.13 // indirect - github.com/zclconf/go-cty v1.11.0 // indirect - go.uber.org/atomic v1.9.0 // indirect - go.uber.org/multierr v1.7.0 // indirect - go.uber.org/zap v1.19.1 // indirect - golang.org/x/crypto v0.0.0-20220517005047-85d78b3ac167 // indirect - golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect - golang.org/x/net v0.0.0-20220722155237-a158d28d115b // indirect - golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect - golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect - golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect - golang.org/x/text v0.3.7 // indirect - golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect - golang.org/x/tools v0.1.12 // indirect - gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 // indirect - google.golang.org/grpc v1.48.0 // indirect - google.golang.org/protobuf v1.28.1 // indirect + github.com/zclconf/go-cty v1.14.1 // indirect + github.com/zclconf/go-cty-yaml v1.0.3 // indirect + go.uber.org/multierr v1.11.0 // indirect + go.uber.org/zap v1.26.0 // indirect + golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 // indirect + golang.org/x/mod v0.14.0 // indirect + golang.org/x/net v0.20.0 // indirect + golang.org/x/oauth2 v0.15.0 // indirect + golang.org/x/sys v0.16.0 // indirect + golang.org/x/term v0.16.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.17.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f // indirect + google.golang.org/grpc v1.61.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.25.0 // indirect - k8s.io/apiextensions-apiserver v0.24.0 // indirect - k8s.io/component-base v0.25.0 // indirect - k8s.io/klog/v2 v2.70.1 // indirect - k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect - k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect - sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + k8s.io/api v0.29.3 // indirect + k8s.io/apiextensions-apiserver v0.29.1 // indirect + k8s.io/component-base v0.29.1 // indirect + k8s.io/klog/v2 v2.110.1 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 8dd0f32..1c369b3 100644 --- a/go.sum +++ b/go.sum @@ -1,459 +1,152 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= -cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= -cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= -cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/alecthomas/kong v0.2.16/go.mod h1:kQOmtJgV+Lb4aj+I2LEn40cbtawdWJ9Y8QLq+lElKxE= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5KPJz66Kt9G0n+7Sn41Fy1wv9/jHOrc= -github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/antchfx/htmlquery v1.2.4 h1:qLteofCMe/KGovBI6SQgmou2QNyedFUW+pE+BpeZ494= github.com/antchfx/htmlquery v1.2.4/go.mod h1:2xO6iu3EVWs7R2JYqBbp8YzG50gj/ofqs5/0VZoDZLc= github.com/antchfx/xpath v1.2.0 h1:mbwv7co+x0RwgeGAOHdrKy89GvHaGvxxBtPK0uF9Zr8= github.com/antchfx/xpath v1.2.0/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= -github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 h1:MzVXffFUye+ZcSR6opIgz9Co7WcDx6ZcY+RjfFHoA0I= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= -github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-metrics v0.3.9 h1:O2sNqxBdvq8Eq5xmzljcYzAORli6RWCvEym4cJf9m18= -github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= -github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= +github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= -github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= -github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c= -github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= -github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= -github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/bufbuild/protocompile v0.6.0 h1:Uu7WiSQ6Yj9DbkdnOe7U4mNKp58y9WDMKDn28/ZlunY= +github.com/bufbuild/protocompile v0.6.0/go.mod h1:YNP35qEYoYGme7QMtz5SBCoN4kL4g12jTtjuzRNdjpE= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/crossplane/crossplane-runtime v0.19.0-rc.0.0.20221012013934-bce61005a175 h1:qGLew6IazCwfgvY4/xh5lQiumip/WrULpQfW4duol6g= -github.com/crossplane/crossplane-runtime v0.19.0-rc.0.0.20221012013934-bce61005a175/go.mod h1:o9ExoilV6k2M3qzSFoRVX4phuww0mLmjs1WrDTvsR4s= -github.com/crossplane/crossplane-tools v0.0.0-20220310165030-1f43fc12793e h1:HqLaMji3FRPwEBA5P6twPz0HbE6no0XOnByLU5O1noM= -github.com/crossplane/crossplane-tools v0.0.0-20220310165030-1f43fc12793e/go.mod h1:xFf30hwHd5n0/a0D4ZomId8nxQTTjE0Hc1j4/rWxefc= +github.com/crossplane/crossplane-runtime v1.15.1 h1:g1h75tNYOQT152IUNxs8ZgSsRFQKrZN9z69KefMujXs= +github.com/crossplane/crossplane-runtime v1.15.1/go.mod h1:kRcJjJQmBFrR2n/KhwL8wYS7xNfq3D8eK4JliEScOHI= +github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79 h1:HigXs5tEQxWz0fcj8hzbU2UAZgEM7wPe0XRFOsrtF8Y= +github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79/go.mod h1:+e4OaFlOcmr0JvINHl/yvEYBrZawzTgj6pQumOH1SS0= +github.com/crossplane/upjet v1.1.0 h1:jfdag6qaF1/5mvlDT/8LdTc/vq1Iq0ASnmk3yV86I9U= +github.com/crossplane/upjet v1.1.0/go.mod h1:0bHLtnejZ9bDeyXuBb9MSOQLvKo3+aoTeUBO8N0dGSA= github.com/dave/jennifer v1.4.1 h1:XyqG6cn5RQsTj3qlWQTKlRGAyrTcsk1kUmWdZBzRjDw= github.com/dave/jennifer v1.4.1/go.mod h1:7jEdnm+qBcxl8PC0zyp7vxcpSRnzXSt9r39tpTVGlwA= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= -github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= +github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= +github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= -github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= -github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk= -github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= -github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= -github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= -github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= -github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5 h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= -github.com/gobuffalo/flect v0.2.3 h1:f/ZukRnSNA/DUpSNDadko7Qc0PhGvsew35p/2tu+CRY= -github.com/gobuffalo/flect v0.2.3/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= +github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= -github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/addlicense v0.0.0-20210428195630-6d92264d7170/go.mod h1:EMjYTRimagHs1FwlIqKyX3wAM0u3rA+McvlIIWmSamA= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/cel-go v0.10.1/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w= -github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA= -github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= -github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= -github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20240117000934-35fc243c5815 h1:WzfWbQz/Ze8v6l++GGbGNFZnUShVpP/0xffCPLL+ax8= +github.com/google/pprof v0.0.0-20240117000934-35fc243c5815/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= -github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-hclog v1.2.1 h1:YQsLlGDJgwhXFpucSPyVbCBviQtjlHv3jLTlp8YmtEw= -github.com/hashicorp/go-hclog v1.2.1/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc= -github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-kms-wrapping/entropy v0.1.0/go.mod h1:d1g9WGtAunDNpek8jUIEJnBlbgKS1N2Q61QkHiZyR1g= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= -github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= -github.com/hashicorp/go-plugin v1.4.4 h1:NVdrSdFRt3SkZtNckJ6tog7gbpRrcbOjQi/rgF7JYWQ= -github.com/hashicorp/go-plugin v1.4.4/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= -github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM= -github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= -github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= -github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= -github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 h1:cCRo8gK7oq6A2L6LICkUZ+/a5rLiRXFMf1Qd4xSwxTc= -github.com/hashicorp/go-secure-stdlib/mlock v0.1.1/go.mod h1:zq93CJChV6L9QTfGKtfBxKqD7BqqXx5O04A/ns2p5+I= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1 h1:78ki3QBevHwYrVxnyVeaEz+7WtifHhauYF23es/0KlI= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= -github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2TGYtSk8I8kTAN0ca1EHpwhm5Mmzo= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 h1:nd0HIW15E6FG1MsnArYaHfuw9C2zgzM8LxkG5Ty/788= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= -github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= -github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-plugin v1.5.1 h1:oGm7cWBaYIp3lJpx1RUEfLWophprE2EV/KUeqBYo+6k= +github.com/hashicorp/go-plugin v1.5.1/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.5.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= -github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= -github.com/hashicorp/hcl/v2 v2.14.1 h1:x0BpjfZ+CYdbiz+8yZTQ+gdLO7IXvOut7Da+XJayx34= -github.com/hashicorp/hcl/v2 v2.14.1/go.mod h1:e4z5nxYlWNPdDSNYX+ph14EvWYMFm3eP0zIUqPc2jr0= +github.com/hashicorp/hcl/v2 v2.19.1 h1://i05Jqznmb2EXqa39Nsvyan2o5XyMowW5fnCKW5RPI= +github.com/hashicorp/hcl/v2 v2.19.1/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/hashicorp/terraform-json v0.14.0 h1:sh9iZ1Y8IFJLx+xQiKHGud6/TSUCM0N8e17dKDpqV7s= -github.com/hashicorp/terraform-json v0.14.0/go.mod h1:5A9HIWPkk4e5aeeXIBbkcOvaZbIYnAIkEyqP2pNSckM= -github.com/hashicorp/terraform-plugin-go v0.14.0 h1:ttnSlS8bz3ZPYbMb84DpcPhY4F5DsQtcAS7cHo8uvP4= -github.com/hashicorp/terraform-plugin-go v0.14.0/go.mod h1:2nNCBeRLaenyQEi78xrGrs9hMbulveqG/zDMQSvVJTE= -github.com/hashicorp/terraform-plugin-log v0.7.0 h1:SDxJUyT8TwN4l5b5/VkiTIaQgY6R+Y2BQ0sRZftGKQs= -github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 h1:FtCLTiTcykdsURXPt/ku7fYXm3y19nbzbZcUxHx9RbI= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0/go.mod h1:80wf5oad1tW+oLnbXS4UTYmDCrl7BuN1Q+IA91X1a4Y= -github.com/hashicorp/vault/api v1.3.1 h1:pkDkcgTh47PRjY1NEFeofqR4W/HkNUi9qIakESO2aRM= -github.com/hashicorp/vault/api v1.3.1/go.mod h1:QeJoWxMFt+MsuWcYhmwRLwKEXrjwAFFywzhptMsTIUw= -github.com/hashicorp/vault/sdk v0.3.0 h1:kR3dpxNkhh/wr6ycaJYqp6AFT/i2xaftbfnwZduTKEY= -github.com/hashicorp/vault/sdk v0.3.0/go.mod h1:aZ3fNuL5VNydQk8GcLJ2TV8YCRVvyaakYkhZRoVuhj0= -github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/hashicorp/terraform-json v0.17.1 h1:eMfvh/uWggKmY7Pmb3T85u86E2EQg6EQHgyRwf3RkyA= +github.com/hashicorp/terraform-json v0.17.1/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= +github.com/hashicorp/terraform-plugin-framework v1.4.1 h1:ZC29MoB3Nbov6axHdgPbMz7799pT5H8kIrM8YAsaVrs= +github.com/hashicorp/terraform-plugin-framework v1.4.1/go.mod h1:XC0hPcQbBvlbxwmjxuV/8sn8SbZRg4XwGMs22f+kqV0= +github.com/hashicorp/terraform-plugin-go v0.19.0 h1:BuZx/6Cp+lkmiG0cOBk6Zps0Cb2tmqQpDM3iAtnhDQU= +github.com/hashicorp/terraform-plugin-go v0.19.0/go.mod h1:EhRSkEPNoylLQntYsk5KrDHTZJh9HQoumZXbOGOXmec= +github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= +github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.30.0 h1:X7vB6vn5tON2b49ILa4W7mFAsndeqJ7bZFOGbVO+0Cc= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.30.0/go.mod h1:ydFcxbdj6klCqYEPkPvdvFKiNGKZLUs+896ODUXCyao= +github.com/hashicorp/terraform-registry-address v0.2.2 h1:lPQBg403El8PPicg/qONZJDC6YlgCVbWDtNmmZKtBno= +github.com/hashicorp/terraform-registry-address v0.2.2/go.mod h1:LtwNbCihUoUZ3RYriyS2wF/lGPB6gF9ICLRtuDk7hSo= +github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= +github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/iancoleman/strcase v0.2.0 h1:05I4QRnGpI0m37iZQRuskXh+w77mr6Z41lwQzuHLwW0= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= -github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= +github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -461,774 +154,257 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc= +github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.4.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7 h1:CxRHKnh1YJXgNKxcos9rrKL6AcmOl1AS/fygmxFDzh4= github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7/go.mod h1:SAAdeMEiFXR8LcHffvIdiLI1w243DCH2DuHq7UrA5YQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo/v2 v2.1.4 h1:GNapqRSid3zijZ9H77KrgVG4/8KqiyRsxcSxe+7ApXY= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= -github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= -github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI= -github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= +github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= +github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= -github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.12.2 h1:51L9cDoUHVrXx4zWYlcLQIZ+d+VXHgqnYKkIuq4g/34= -github.com/prometheus/client_golang v1.12.2/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.7.3 h1:4jVXhlkAyzOScmCkXBTOLRLTz8EeU+eyjrwB/EPq0VU= -github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= -github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= +github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/afero v1.8.0 h1:5MmtuhAgYeU6qpa7w7bP0dv6MBYuup0vekhSpSkoq60= -github.com/spf13/afero v1.8.0/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= -github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= +github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= -github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= -github.com/upbound/upjet v0.8.0-rc.0.0.20221024111721-c82119f5ef34 h1:TXehSax5YEurPY8vMnRx7n8xIHENGAiOhISxxqthcX0= -github.com/upbound/upjet v0.8.0-rc.0.0.20221024111721-c82119f5ef34/go.mod h1:QyDjh8h49niORvHLHZE8ZS4fiCa6Dkcsw3aBJBfK3I8= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= -github.com/vmihailenco/tagparser v0.1.1 h1:quXMXlA39OCbd2wAdTsGDlK9RkOk6Wuw+x37wVyIuWY= +github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= +github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= +github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13 h1:fVcFKWvrslecOb/tg+Cc05dkeYx540o0FuFt3nUVDoE= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.11.0 h1:726SxLdi2SDnjY+BStqB9J1hNp4+2WlzyXLuimibIe0= -github.com/zclconf/go-cty v1.11.0/go.mod h1:s9IfD1LK5ccNMSWCVFCE2rJfHiZgi7JijgeWIMfhLvA= +github.com/zclconf/go-cty v1.14.1 h1:t9fyA35fwjjUMcmL5hLER+e/rEPqrbCK1/OSE4SI9KA= +github.com/zclconf/go-cty v1.14.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= -go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0= -go.etcd.io/etcd/client/v3 v3.5.1/go.mod h1:OnjH4M8OnAotwaB2l9bVgZzRFKru7/ZMoS46OtKyd3Q= -go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE= -go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= -go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= -go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= -go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= -go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= -go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= -go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= -go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= -go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= -go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= -go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.7.0 h1:zaiO/rmgFjbmCXdSYJWQcdvOCsthmdaHfr3Gm2Kx4Ec= -go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= -go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +github.com/zclconf/go-cty-yaml v1.0.3 h1:og/eOQ7lvA/WWhHGFETVWNduJM7Rjsv2RRpx1sdFMLc= +github.com/zclconf/go-cty-yaml v1.0.3/go.mod h1:9YLUH4g7lOhVWqUbctnVlZ5KLpg7JAprQNgxSZ1Gyxs= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220517005047-85d78b3ac167 h1:O8uGbHCqlTp2P6QJSLmCojM4mN6UemYv8K+dCnmHmu0= -golang.org/x/crypto v0.0.0-20220517005047-85d78b3ac167/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 h1:hNQpMuAJe5CtcUqCXaWga3FHu+kQvCqcsoVaQgSV60o= +golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b h1:PxfKdU9lEEDYjdIzOtC4qFWgkU2rGHdKlKowJSMN9h0= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= +golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f h1:v4INt8xihDGvnrfjMDVXGxw9wrfxYyCjk0KbXjhR55s= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= +golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220609170525-579cf78fd858 h1:Dpdu/EMxGMFgq0CeYMh4fazTD2vtlZRYE7wyynxJb9U= -golang.org/x/time v0.0.0-20220609170525-579cf78fd858/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= -gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= -google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= +gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201102152239-715cce707fb0/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 h1:hrbNEivu7Zn1pxvHk6MBrq9iE22woVILTHqexqBxe6I= -google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= -google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= -google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc v1.48.0 h1:rQOsyJ/8+ufEDJd/Gdsz7HG220Mh9HAhFHRGnIjda0w= -google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f h1:ultW7fxlIvee4HYrtnaRPon9HpEgFk5zYpmfMgtKB5I= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f/go.mod h1:L9KNLi232K1/xB6f7AlSX692koaRnKaWSR0stBki0Yc= +google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= +google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.24.0/go.mod h1:5Jl90IUrJHUJYEMANRURMiVvJ0g7Ax7r3R1bqO8zx8I= -k8s.io/api v0.25.0 h1:H+Q4ma2U/ww0iGB78ijZx6DRByPz6/733jIuFpX70e0= -k8s.io/api v0.25.0/go.mod h1:ttceV1GyV1i1rnmvzT3BST08N6nGt+dudGrquzVQWPk= -k8s.io/apiextensions-apiserver v0.24.0 h1:JfgFqbA8gKJ/uDT++feAqk9jBIwNnL9YGdQvaI9DLtY= -k8s.io/apiextensions-apiserver v0.24.0/go.mod h1:iuVe4aEpe6827lvO6yWQVxiPSpPoSKVjkq+MIdg84cM= -k8s.io/apimachinery v0.24.0/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM= -k8s.io/apimachinery v0.25.0 h1:MlP0r6+3XbkUG2itd6vp3oxbtdQLQI94fD5gCS+gnoU= -k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0= -k8s.io/apiserver v0.24.0/go.mod h1:WFx2yiOMawnogNToVvUYT9nn1jaIkMKj41ZYCVycsBA= -k8s.io/client-go v0.24.0/go.mod h1:VFPQET+cAFpYxh6Bq6f4xyMY80G6jKKktU6G0m00VDw= -k8s.io/client-go v0.25.0 h1:CVWIaCETLMBNiTUta3d5nzRbXvY5Hy9Dpl+VvREpu5E= -k8s.io/client-go v0.25.0/go.mod h1:lxykvypVfKilxhTklov0wz1FoaUZ8X4EwbhS6rpRfN8= -k8s.io/code-generator v0.24.0/go.mod h1:dpVhs00hTuTdTY6jvVxvTFCk6gSMrtfRydbhZwHI15w= -k8s.io/component-base v0.24.0/go.mod h1:Dgazgon0i7KYUsS8krG8muGiMVtUZxG037l1MKyXgrA= -k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y= -k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk= -k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= -k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= -k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA= -k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= -k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.30/go.mod h1:fEO7lRTdivWO2qYVCVG7dEADOMo/MLDCVr8So2g88Uw= -sigs.k8s.io/controller-runtime v0.12.1 h1:4BJY01xe9zKQti8oRjj/NeHKRXthf1YkYJAgLONFFoI= -sigs.k8s.io/controller-runtime v0.12.1/go.mod h1:BKhxlA4l7FPK4AQcsuL4X6vZeWnKDXez/vp1Y8dxTU0= -sigs.k8s.io/controller-tools v0.8.0 h1:uUkfTGEwrguqYYfcI2RRGUnC8mYdCFDqfwPKUcNJh1o= -sigs.k8s.io/controller-tools v0.8.0/go.mod h1:qE2DXhVOiEq5ijmINcFbqi9GZrrUjzB1TuJU0xa6eoY= -sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw= +k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80= +k8s.io/apiextensions-apiserver v0.29.1 h1:S9xOtyk9M3Sk1tIpQMu9wXHm5O2MX6Y1kIpPMimZBZw= +k8s.io/apiextensions-apiserver v0.29.1/go.mod h1:zZECpujY5yTW58co8V2EQR4BD6A9pktVgHhvc0uLfeU= +k8s.io/apimachinery v0.29.3 h1:2tbx+5L7RNvqJjn7RIuIKu9XTsIZ9Z5wX2G22XAa5EU= +k8s.io/apimachinery v0.29.3/go.mod h1:hx/S4V2PNW4OMg3WizRrHutyB5la0iCUbZym+W0EQIU= +k8s.io/client-go v0.29.3 h1:R/zaZbEAxqComZ9FHeQwOh3Y1ZUs7FaHKZdQtIc2WZg= +k8s.io/client-go v0.29.3/go.mod h1:tkDisCvgPfiRpxGnOORfkljmS+UrW+WtXAy2fTvXJB0= +k8s.io/component-base v0.29.1 h1:MUimqJPCRnnHsskTTjKD+IC1EHBbRCVyi37IoFBrkYw= +k8s.io/component-base v0.29.1/go.mod h1:fP9GFjxYrLERq1GcWWZAE3bqbNcDKDytn2srWuHTtKc= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/controller-tools v0.14.0 h1:rnNoCC5wSXlrNoBKKzL70LNJKIQKEzT6lloG6/LF73A= +sigs.k8s.io/controller-tools v0.14.0/go.mod h1:TV7uOtNNnnR72SpzhStvPkoS/U5ir0nMudrkrC4M9Sc= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/internal/clients/cloudflare.go b/internal/clients/cloudflare.go index 3005897..7707d55 100644 --- a/internal/clients/cloudflare.go +++ b/internal/clients/cloudflare.go @@ -13,7 +13,7 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" - "github.com/upbound/upjet/pkg/terraform" + "github.com/crossplane/upjet/pkg/terraform" "github.com/cdloh/provider-cloudflare/apis/v1beta1" ) diff --git a/internal/controller/access/application/zz_controller.go b/internal/controller/access/application/zz_controller.go index 656b2c4..6fae531 100755 --- a/internal/controller/access/application/zz_controller.go +++ b/internal/controller/access/application/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_application"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Application_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_application"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Application + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Application{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Application") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Application{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Application{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/bookmark/zz_controller.go b/internal/controller/access/bookmark/zz_controller.go index 28dcedb..1cd4d81 100755 --- a/internal/controller/access/bookmark/zz_controller.go +++ b/internal/controller/access/bookmark/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Bookmark_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_bookmark"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Bookmark_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Bookmark_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Bookmark_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_bookmark"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Bookmark + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Bookmark{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Bookmark") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Bookmark_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Bookmark{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Bookmark{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/cacertificate/zz_controller.go b/internal/controller/access/cacertificate/zz_controller.go index 5e33050..91f5df0 100755 --- a/internal/controller/access/cacertificate/zz_controller.go +++ b/internal/controller/access/cacertificate/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.CACertificate_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_ca_certificate"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CACertificate_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.CACertificate_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CACertificate_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_ca_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.CACertificate + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.CACertificate{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.CACertificate") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.CACertificate_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.CACertificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.CACertificate{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/group/zz_controller.go b/internal/controller/access/group/zz_controller.go index a82347d..7b127b6 100755 --- a/internal/controller/access/group/zz_controller.go +++ b/internal/controller/access/group/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_group"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Group_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_group"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Group + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Group{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Group") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Group{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Group{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/identityprovider/zz_controller.go b/internal/controller/access/identityprovider/zz_controller.go index e085f31..35896b5 100755 --- a/internal/controller/access/identityprovider/zz_controller.go +++ b/internal/controller/access/identityprovider/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.IdentityProvider_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_identity_provider"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IdentityProvider_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.IdentityProvider_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IdentityProvider_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_identity_provider"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.IdentityProvider + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.IdentityProvider{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.IdentityProvider") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.IdentityProvider_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.IdentityProvider{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.IdentityProvider{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/keysconfiguration/zz_controller.go b/internal/controller/access/keysconfiguration/zz_controller.go index e524b51..6da1cde 100755 --- a/internal/controller/access/keysconfiguration/zz_controller.go +++ b/internal/controller/access/keysconfiguration/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.KeysConfiguration_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_keys_configuration"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KeysConfiguration_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.KeysConfiguration_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KeysConfiguration_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_keys_configuration"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.KeysConfiguration + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.KeysConfiguration{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.KeysConfiguration") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.KeysConfiguration_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.KeysConfiguration{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.KeysConfiguration{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/mutualtlscertificate/zz_controller.go b/internal/controller/access/mutualtlscertificate/zz_controller.go index fb100d8..db98c9a 100755 --- a/internal/controller/access/mutualtlscertificate/zz_controller.go +++ b/internal/controller/access/mutualtlscertificate/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.MutualTLSCertificate_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_mutual_tls_certificate"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.MutualTLSCertificate_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.MutualTLSCertificate_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.MutualTLSCertificate_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_mutual_tls_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.MutualTLSCertificate + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.MutualTLSCertificate{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.MutualTLSCertificate") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.MutualTLSCertificate_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.MutualTLSCertificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.MutualTLSCertificate{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/organization/zz_controller.go b/internal/controller/access/organization/zz_controller.go index feb4c03..c23535c 100755 --- a/internal/controller/access/organization/zz_controller.go +++ b/internal/controller/access/organization/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Organization_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_organization"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Organization_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Organization_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Organization_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_organization"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Organization + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Organization{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Organization") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Organization_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Organization{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Organization{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/policy/zz_controller.go b/internal/controller/access/policy/zz_controller.go index 03ab952..77054eb 100755 --- a/internal/controller/access/policy/zz_controller.go +++ b/internal/controller/access/policy/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_policy"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Policy_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_policy"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Policy + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Policy{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Policy") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Policy{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Policy{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/rule/zz_controller.go b/internal/controller/access/rule/zz_controller.go index c8cf432..ec6c92f 100755 --- a/internal/controller/access/rule/zz_controller.go +++ b/internal/controller/access/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/access/servicetoken/zz_controller.go b/internal/controller/access/servicetoken/zz_controller.go index 4ce7d40..c435687 100755 --- a/internal/controller/access/servicetoken/zz_controller.go +++ b/internal/controller/access/servicetoken/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/access/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.ServiceToken_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_service_token"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ServiceToken_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.ServiceToken_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ServiceToken_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_access_service_token"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.ServiceToken + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.ServiceToken{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.ServiceToken") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.ServiceToken_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.ServiceToken{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.ServiceToken{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/account/account/zz_controller.go b/internal/controller/account/account/zz_controller.go index 4a47bfc..47e95e2 100755 --- a/internal/controller/account/account/zz_controller.go +++ b/internal/controller/account/account/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/account/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_account"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Account_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_account"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Account + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Account{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Account") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Account{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Account{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/account/apitoken/zz_controller.go b/internal/controller/account/apitoken/zz_controller.go index 46bb30b..8b32a8b 100755 --- a/internal/controller/account/apitoken/zz_controller.go +++ b/internal/controller/account/apitoken/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/account/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.APIToken_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_api_token"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.APIToken_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.APIToken_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.APIToken_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_api_token"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.APIToken + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.APIToken{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.APIToken") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.APIToken_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.APIToken{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.APIToken{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/account/member/zz_controller.go b/internal/controller/account/member/zz_controller.go index b6daecf..2888f3c 100755 --- a/internal/controller/account/member/zz_controller.go +++ b/internal/controller/account/member/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/account/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Member_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_account_member"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Member_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Member_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Member_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_account_member"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Member + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Member{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Member") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Member_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Member{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Member{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/apishield/apishield/zz_controller.go b/internal/controller/apishield/apishield/zz_controller.go index 7a56e7e..b7e0908 100755 --- a/internal/controller/apishield/apishield/zz_controller.go +++ b/internal/controller/apishield/apishield/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/apishield/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.APIShield_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_api_shield"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.APIShield_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.APIShield_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.APIShield_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_api_shield"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.APIShield + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.APIShield{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.APIShield") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.APIShield_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.APIShield{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.APIShield{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/argo/argo/zz_controller.go b/internal/controller/argo/argo/zz_controller.go index 7638488..356812f 100755 --- a/internal/controller/argo/argo/zz_controller.go +++ b/internal/controller/argo/argo/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/argo/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Argo_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_argo"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Argo_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Argo_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Argo_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_argo"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Argo + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Argo{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Argo") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Argo_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Argo{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Argo{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/argo/tunnel/zz_controller.go b/internal/controller/argo/tunnel/zz_controller.go index 7e13b53..e8f89fd 100755 --- a/internal/controller/argo/tunnel/zz_controller.go +++ b/internal/controller/argo/tunnel/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/argo/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Tunnel_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_argo_tunnel"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Tunnel_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Tunnel_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Tunnel_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_argo_tunnel"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Tunnel + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Tunnel{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Tunnel") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Tunnel_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Tunnel{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Tunnel{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/argo/tunnelconfig/zz_controller.go b/internal/controller/argo/tunnelconfig/zz_controller.go index d2dd328..6ed9c19 100755 --- a/internal/controller/argo/tunnelconfig/zz_controller.go +++ b/internal/controller/argo/tunnelconfig/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/argo/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.TunnelConfig_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_config"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelConfig_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.TunnelConfig_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelConfig_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_config"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.TunnelConfig + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.TunnelConfig{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.TunnelConfig") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.TunnelConfig_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.TunnelConfig{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.TunnelConfig{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/argo/tunnelroute/zz_controller.go b/internal/controller/argo/tunnelroute/zz_controller.go index bd8d084..620ba38 100755 --- a/internal/controller/argo/tunnelroute/zz_controller.go +++ b/internal/controller/argo/tunnelroute/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/argo/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.TunnelRoute_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_route"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelRoute_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.TunnelRoute_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelRoute_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_route"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.TunnelRoute + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.TunnelRoute{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.TunnelRoute") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.TunnelRoute_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.TunnelRoute{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.TunnelRoute{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/argo/tunnelvirtualnetwork/zz_controller.go b/internal/controller/argo/tunnelvirtualnetwork/zz_controller.go index 3b52af9..2ec09d7 100755 --- a/internal/controller/argo/tunnelvirtualnetwork/zz_controller.go +++ b/internal/controller/argo/tunnelvirtualnetwork/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/argo/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.TunnelVirtualNetwork_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_virtual_network"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelVirtualNetwork_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.TunnelVirtualNetwork_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TunnelVirtualNetwork_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tunnel_virtual_network"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.TunnelVirtualNetwork + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.TunnelVirtualNetwork{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.TunnelVirtualNetwork") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.TunnelVirtualNetwork_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.TunnelVirtualNetwork{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.TunnelVirtualNetwork{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/authenticatedoriginpulls/authenticatedoriginspulls/zz_controller.go b/internal/controller/authenticatedoriginpulls/authenticatedoriginspulls/zz_controller.go index 5faff41..0eae335 100755 --- a/internal/controller/authenticatedoriginpulls/authenticatedoriginspulls/zz_controller.go +++ b/internal/controller/authenticatedoriginpulls/authenticatedoriginspulls/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/authenticatedoriginpulls/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.AuthenticatedOriginsPulls_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_authenticated_origin_pulls"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.AuthenticatedOriginsPulls_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.AuthenticatedOriginsPulls_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.AuthenticatedOriginsPulls_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_authenticated_origin_pulls"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.AuthenticatedOriginsPulls + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.AuthenticatedOriginsPulls{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.AuthenticatedOriginsPulls") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.AuthenticatedOriginsPulls_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.AuthenticatedOriginsPulls{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.AuthenticatedOriginsPulls{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/authenticatedoriginpulls/certificate/zz_controller.go b/internal/controller/authenticatedoriginpulls/certificate/zz_controller.go index f684284..da167dc 100755 --- a/internal/controller/authenticatedoriginpulls/certificate/zz_controller.go +++ b/internal/controller/authenticatedoriginpulls/certificate/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/authenticatedoriginpulls/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_authenticated_origin_pulls_certificate"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Certificate_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_authenticated_origin_pulls_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Certificate + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Certificate{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Certificate") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Certificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Certificate{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/byoip/ipprefix/zz_controller.go b/internal/controller/byoip/ipprefix/zz_controller.go index 43fdd2c..b893064 100755 --- a/internal/controller/byoip/ipprefix/zz_controller.go +++ b/internal/controller/byoip/ipprefix/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/byoip/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.IPPrefix_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_byo_ip_prefix"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPPrefix_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.IPPrefix_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPPrefix_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_byo_ip_prefix"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.IPPrefix + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.IPPrefix{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.IPPrefix") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.IPPrefix_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.IPPrefix{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.IPPrefix{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/certificate/pack/zz_controller.go b/internal/controller/certificate/pack/zz_controller.go index 05b2ffe..bbec00c 100755 --- a/internal/controller/certificate/pack/zz_controller.go +++ b/internal/controller/certificate/pack/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/certificate/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Pack_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_certificate_pack"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pack_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Pack_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pack_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_certificate_pack"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Pack + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Pack{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Pack") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Pack_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Pack{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Pack{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/custom/pages/zz_controller.go b/internal/controller/custom/pages/zz_controller.go index d268d16..80c47e5 100755 --- a/internal/controller/custom/pages/zz_controller.go +++ b/internal/controller/custom/pages/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/custom/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Pages_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_pages"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pages_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Pages_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pages_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_pages"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Pages + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Pages{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Pages") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Pages_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Pages{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Pages{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/custom/ssl/zz_controller.go b/internal/controller/custom/ssl/zz_controller.go index b180079..85dd553 100755 --- a/internal/controller/custom/ssl/zz_controller.go +++ b/internal/controller/custom/ssl/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/custom/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.SSL_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_ssl"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SSL_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.SSL_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SSL_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_ssl"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.SSL + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.SSL{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.SSL") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.SSL_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.SSL{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.SSL{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/customhostname/fallbackorigin/zz_controller.go b/internal/controller/customhostname/fallbackorigin/zz_controller.go index 9a6fad7..8c63c6e 100755 --- a/internal/controller/customhostname/fallbackorigin/zz_controller.go +++ b/internal/controller/customhostname/fallbackorigin/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/customhostname/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.FallbackOrigin_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_hostname_fallback_origin"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FallbackOrigin_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.FallbackOrigin_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FallbackOrigin_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_hostname_fallback_origin"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.FallbackOrigin + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.FallbackOrigin{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.FallbackOrigin") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.FallbackOrigin_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.FallbackOrigin{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.FallbackOrigin{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/customhostname/hostname/zz_controller.go b/internal/controller/customhostname/hostname/zz_controller.go index 8ee110d..5946fcd 100755 --- a/internal/controller/customhostname/hostname/zz_controller.go +++ b/internal/controller/customhostname/hostname/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/customhostname/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_hostname"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Hostname_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_custom_hostname"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Hostname + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Hostname{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Hostname") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Hostname{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Hostname{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/dlp/profile/zz_controller.go b/internal/controller/dlp/profile/zz_controller.go index 5bc24ad..cde6080 100755 --- a/internal/controller/dlp/profile/zz_controller.go +++ b/internal/controller/dlp/profile/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/dlp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Profile_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_dlp_profile"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Profile_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Profile_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Profile_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_dlp_profile"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Profile + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Profile{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Profile") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Profile_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Profile{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Profile{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/dns/record/zz_controller.go b/internal/controller/dns/record/zz_controller.go index 196b878..e77c26b 100755 --- a/internal/controller/dns/record/zz_controller.go +++ b/internal/controller/dns/record/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/dns/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Record_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_record"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Record_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Record_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Record_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_record"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Record + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Record{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Record") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Record_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Record{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Record{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/emailrouting/address/zz_controller.go b/internal/controller/emailrouting/address/zz_controller.go index ec95271..838d0f5 100755 --- a/internal/controller/emailrouting/address/zz_controller.go +++ b/internal/controller/emailrouting/address/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/emailrouting/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Address_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_address"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Address_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Address_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Address_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_address"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Address + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Address{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Address") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Address_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Address{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Address{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/emailrouting/catchall/zz_controller.go b/internal/controller/emailrouting/catchall/zz_controller.go index 7e5477b..b0fbcf6 100755 --- a/internal/controller/emailrouting/catchall/zz_controller.go +++ b/internal/controller/emailrouting/catchall/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/emailrouting/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.CatchAll_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_catch_all"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CatchAll_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.CatchAll_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CatchAll_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_catch_all"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.CatchAll + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.CatchAll{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.CatchAll") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.CatchAll_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.CatchAll{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.CatchAll{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/emailrouting/rule/zz_controller.go b/internal/controller/emailrouting/rule/zz_controller.go index 733a134..a725e20 100755 --- a/internal/controller/emailrouting/rule/zz_controller.go +++ b/internal/controller/emailrouting/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/emailrouting/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/emailrouting/settings/zz_controller.go b/internal/controller/emailrouting/settings/zz_controller.go index 6cd1dbd..9c0ada2 100755 --- a/internal/controller/emailrouting/settings/zz_controller.go +++ b/internal/controller/emailrouting/settings/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/emailrouting/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Settings_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_settings"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Settings_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Settings_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Settings_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_email_routing_settings"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Settings + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Settings{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Settings") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Settings_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Settings{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Settings{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/filters/filter/zz_controller.go b/internal/controller/filters/filter/zz_controller.go index 59cfc42..43dc915 100755 --- a/internal/controller/filters/filter/zz_controller.go +++ b/internal/controller/filters/filter/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/filters/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Filter_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_filter"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Filter_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Filter_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Filter_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_filter"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Filter + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Filter{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Filter") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Filter_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Filter{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Filter{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/firewall/rule/zz_controller.go b/internal/controller/firewall/rule/zz_controller.go index 51fe060..ec8c99e 100755 --- a/internal/controller/firewall/rule/zz_controller.go +++ b/internal/controller/firewall/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/firewall/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_firewall_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_firewall_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/lists/iplist/zz_controller.go b/internal/controller/lists/iplist/zz_controller.go index fe5f9c7..71255a9 100755 --- a/internal/controller/lists/iplist/zz_controller.go +++ b/internal/controller/lists/iplist/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/lists/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.IPList_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ip_list"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPList_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.IPList_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPList_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ip_list"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.IPList + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.IPList{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.IPList") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.IPList_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.IPList{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.IPList{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/lists/list/zz_controller.go b/internal/controller/lists/list/zz_controller.go index cdaa34e..0e9c9b6 100755 --- a/internal/controller/lists/list/zz_controller.go +++ b/internal/controller/lists/list/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/lists/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_list"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.List_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_list"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.List + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.List{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.List") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.List{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.List{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/loadbalancer/loadbalancer/zz_controller.go b/internal/controller/loadbalancer/loadbalancer/zz_controller.go index c605cfb..ded190a 100755 --- a/internal/controller/loadbalancer/loadbalancer/zz_controller.go +++ b/internal/controller/loadbalancer/loadbalancer/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/loadbalancer/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.LoadBalancer_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.LoadBalancer_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.LoadBalancer_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.LoadBalancer_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.LoadBalancer + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.LoadBalancer{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.LoadBalancer") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.LoadBalancer_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.LoadBalancer{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.LoadBalancer{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/loadbalancer/monitor/zz_controller.go b/internal/controller/loadbalancer/monitor/zz_controller.go index 9d08fee..4ce29f1 100755 --- a/internal/controller/loadbalancer/monitor/zz_controller.go +++ b/internal/controller/loadbalancer/monitor/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/loadbalancer/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Monitor_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer_monitor"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Monitor_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Monitor_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Monitor_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer_monitor"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Monitor + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Monitor{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Monitor") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Monitor_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Monitor{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Monitor{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/loadbalancer/pool/zz_controller.go b/internal/controller/loadbalancer/pool/zz_controller.go index 612649c..af80b92 100755 --- a/internal/controller/loadbalancer/pool/zz_controller.go +++ b/internal/controller/loadbalancer/pool/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/loadbalancer/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Pool_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer_pool"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pool_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Pool_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Pool_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_load_balancer_pool"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Pool + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Pool{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Pool") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Pool_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Pool{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Pool{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/logpush/job/zz_controller.go b/internal/controller/logpush/job/zz_controller.go index 78b78d5..0fcd76e 100755 --- a/internal/controller/logpush/job/zz_controller.go +++ b/internal/controller/logpush/job/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/logpush/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Job_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpush_job"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Job_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Job_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Job_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpush_job"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Job + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Job{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Job") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Job_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Job{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Job{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/logpush/ownershipchallenge/zz_controller.go b/internal/controller/logpush/ownershipchallenge/zz_controller.go index 4190547..8c35bcf 100755 --- a/internal/controller/logpush/ownershipchallenge/zz_controller.go +++ b/internal/controller/logpush/ownershipchallenge/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/logpush/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.OwnershipChallenge_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpush_ownership_challenge"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.OwnershipChallenge_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.OwnershipChallenge_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.OwnershipChallenge_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpush_ownership_challenge"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.OwnershipChallenge + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.OwnershipChallenge{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.OwnershipChallenge") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.OwnershipChallenge_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.OwnershipChallenge{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.OwnershipChallenge{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/magic/firewallruleset/zz_controller.go b/internal/controller/magic/firewallruleset/zz_controller.go index 396944e..e1cdac0 100755 --- a/internal/controller/magic/firewallruleset/zz_controller.go +++ b/internal/controller/magic/firewallruleset/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/magic/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.FirewallRuleset_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_magic_firewall_ruleset"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FirewallRuleset_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.FirewallRuleset_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FirewallRuleset_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_magic_firewall_ruleset"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.FirewallRuleset + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.FirewallRuleset{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.FirewallRuleset") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.FirewallRuleset_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.FirewallRuleset{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.FirewallRuleset{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/magic/gretunnel/zz_controller.go b/internal/controller/magic/gretunnel/zz_controller.go index e893f39..8892ca2 100755 --- a/internal/controller/magic/gretunnel/zz_controller.go +++ b/internal/controller/magic/gretunnel/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/magic/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.GRETunnel_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_gre_tunnel"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.GRETunnel_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.GRETunnel_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.GRETunnel_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_gre_tunnel"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.GRETunnel + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.GRETunnel{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.GRETunnel") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.GRETunnel_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.GRETunnel{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.GRETunnel{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/magic/ipsectunnel/zz_controller.go b/internal/controller/magic/ipsectunnel/zz_controller.go index c9ca3ba..eade82e 100755 --- a/internal/controller/magic/ipsectunnel/zz_controller.go +++ b/internal/controller/magic/ipsectunnel/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/magic/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.IPsecTunnel_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ipsec_tunnel"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPsecTunnel_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.IPsecTunnel_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.IPsecTunnel_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ipsec_tunnel"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.IPsecTunnel + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.IPsecTunnel{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.IPsecTunnel") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.IPsecTunnel_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.IPsecTunnel{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.IPsecTunnel{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/magic/staticroute/zz_controller.go b/internal/controller/magic/staticroute/zz_controller.go index 118f8f6..4880cad 100755 --- a/internal/controller/magic/staticroute/zz_controller.go +++ b/internal/controller/magic/staticroute/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/magic/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.StaticRoute_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_static_route"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.StaticRoute_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.StaticRoute_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.StaticRoute_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_static_route"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.StaticRoute + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.StaticRoute{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.StaticRoute") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.StaticRoute_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.StaticRoute{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.StaticRoute{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/notification/policy/zz_controller.go b/internal/controller/notification/policy/zz_controller.go index 3bbe3f1..436cbab 100755 --- a/internal/controller/notification/policy/zz_controller.go +++ b/internal/controller/notification/policy/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/notification/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_notification_policy"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Policy_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_notification_policy"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Policy + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Policy{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Policy") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Policy_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Policy{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Policy{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/notification/policywebhooks/zz_controller.go b/internal/controller/notification/policywebhooks/zz_controller.go index c2ff11d..2a623eb 100755 --- a/internal/controller/notification/policywebhooks/zz_controller.go +++ b/internal/controller/notification/policywebhooks/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/notification/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.PolicyWebhooks_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_notification_policy_webhooks"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.PolicyWebhooks_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.PolicyWebhooks_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.PolicyWebhooks_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_notification_policy_webhooks"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.PolicyWebhooks + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.PolicyWebhooks{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.PolicyWebhooks") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.PolicyWebhooks_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.PolicyWebhooks{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.PolicyWebhooks{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/originca/certificate/zz_controller.go b/internal/controller/originca/certificate/zz_controller.go index 2e3994e..485ddd8 100755 --- a/internal/controller/originca/certificate/zz_controller.go +++ b/internal/controller/originca/certificate/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/originca/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_origin_ca_certificate"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Certificate_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_origin_ca_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Certificate + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Certificate{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Certificate") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Certificate_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Certificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Certificate{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/page/rule/zz_controller.go b/internal/controller/page/rule/zz_controller.go index f6acdd8..61d143f 100755 --- a/internal/controller/page/rule/zz_controller.go +++ b/internal/controller/page/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/page/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_page_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_page_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/pages/domain/zz_controller.go b/internal/controller/pages/domain/zz_controller.go index 0eb123f..9bd0f16 100755 --- a/internal/controller/pages/domain/zz_controller.go +++ b/internal/controller/pages/domain/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/pages/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Domain_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_pages_domain"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Domain_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Domain_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Domain_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_pages_domain"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Domain + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Domain{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Domain") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Domain_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Domain{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Domain{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/pages/project/zz_controller.go b/internal/controller/pages/project/zz_controller.go index b75f165..55a154a 100755 --- a/internal/controller/pages/project/zz_controller.go +++ b/internal/controller/pages/project/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/pages/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Project_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_pages_project"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Project_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Project_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Project_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_pages_project"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Project + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Project{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Project") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Project_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Project{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Project{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/providerconfig/config.go b/internal/controller/providerconfig/config.go index 945344b..937b326 100644 --- a/internal/controller/providerconfig/config.go +++ b/internal/controller/providerconfig/config.go @@ -6,12 +6,11 @@ package providerconfig import ( ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/source" "github.com/crossplane/crossplane-runtime/pkg/event" "github.com/crossplane/crossplane-runtime/pkg/reconciler/providerconfig" "github.com/crossplane/crossplane-runtime/pkg/resource" - "github.com/upbound/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller" "github.com/cdloh/provider-cloudflare/apis/v1beta1" ) @@ -30,7 +29,7 @@ func Setup(mgr ctrl.Manager, o controller.Options) error { Named(name). WithOptions(o.ForControllerRuntime()). For(&v1beta1.ProviderConfig{}). - Watches(&source.Kind{Type: &v1beta1.ProviderConfigUsage{}}, &resource.EnqueueRequestForProviderConfig{}). + Watches(&v1beta1.ProviderConfigUsage{}, &resource.EnqueueRequestForProviderConfig{}). Complete(providerconfig.NewReconciler(mgr, of, providerconfig.WithLogger(o.Logger.WithValues("controller", name)), providerconfig.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))))) diff --git a/internal/controller/ruleset/ruleset/zz_controller.go b/internal/controller/ruleset/ruleset/zz_controller.go index 32903bf..37455f3 100755 --- a/internal/controller/ruleset/ruleset/zz_controller.go +++ b/internal/controller/ruleset/ruleset/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/ruleset/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Ruleset_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ruleset"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Ruleset_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Ruleset_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Ruleset_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_ruleset"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Ruleset + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Ruleset{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Ruleset") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Ruleset_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Ruleset{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Ruleset{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/spectrum/application/zz_controller.go b/internal/controller/spectrum/application/zz_controller.go index 2291cb2..1cb914d 100755 --- a/internal/controller/spectrum/application/zz_controller.go +++ b/internal/controller/spectrum/application/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/spectrum/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_spectrum_application"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Application_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_spectrum_application"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Application + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Application{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Application") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Application_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Application{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Application{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/teams/account/zz_controller.go b/internal/controller/teams/account/zz_controller.go index ed68da6..19dd97c 100755 --- a/internal/controller/teams/account/zz_controller.go +++ b/internal/controller/teams/account/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/teams/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_account"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Account_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_account"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Account + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Account{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Account") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Account_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Account{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Account{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/teams/list/zz_controller.go b/internal/controller/teams/list/zz_controller.go index 4b1f382..d465755 100755 --- a/internal/controller/teams/list/zz_controller.go +++ b/internal/controller/teams/list/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/teams/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_list"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.List_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_list"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.List + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.List{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.List") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.List_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.List{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.List{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/teams/location/zz_controller.go b/internal/controller/teams/location/zz_controller.go index 94ee111..ad53a39 100755 --- a/internal/controller/teams/location/zz_controller.go +++ b/internal/controller/teams/location/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/teams/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Location_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_location"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Location_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Location_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Location_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_location"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Location + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Location{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Location") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Location_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Location{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Location{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/teams/proxyendpoint/zz_controller.go b/internal/controller/teams/proxyendpoint/zz_controller.go index 6f37498..4fa7069 100755 --- a/internal/controller/teams/proxyendpoint/zz_controller.go +++ b/internal/controller/teams/proxyendpoint/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/teams/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.ProxyEndpoint_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_proxy_endpoint"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ProxyEndpoint_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.ProxyEndpoint_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ProxyEndpoint_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_proxy_endpoint"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.ProxyEndpoint + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.ProxyEndpoint{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.ProxyEndpoint") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.ProxyEndpoint_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.ProxyEndpoint{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.ProxyEndpoint{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/teams/rule/zz_controller.go b/internal/controller/teams/rule/zz_controller.go index 9f81259..ff918c4 100755 --- a/internal/controller/teams/rule/zz_controller.go +++ b/internal/controller/teams/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/teams/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_teams_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waf/group/zz_controller.go b/internal/controller/waf/group/zz_controller.go index 6a00e3a..d385960 100755 --- a/internal/controller/waf/group/zz_controller.go +++ b/internal/controller/waf/group/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waf/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_group"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Group_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_group"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Group + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Group{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Group") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Group_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Group{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Group{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waf/override/zz_controller.go b/internal/controller/waf/override/zz_controller.go index 07f6e01..8cf666a 100755 --- a/internal/controller/waf/override/zz_controller.go +++ b/internal/controller/waf/override/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waf/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Override_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_override"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Override_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Override_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Override_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_override"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Override + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Override{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Override") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Override_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Override{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Override{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waf/rule/zz_controller.go b/internal/controller/waf/rule/zz_controller.go index 706c424..2556a84 100755 --- a/internal/controller/waf/rule/zz_controller.go +++ b/internal/controller/waf/rule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waf/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waf/wafpackage/zz_controller.go b/internal/controller/waf/wafpackage/zz_controller.go index d9a590a..f0f67cb 100755 --- a/internal/controller/waf/wafpackage/zz_controller.go +++ b/internal/controller/waf/wafpackage/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waf/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.WAFPackage_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_package"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.WAFPackage_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.WAFPackage_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.WAFPackage_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waf_package"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.WAFPackage + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.WAFPackage{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.WAFPackage") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.WAFPackage_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.WAFPackage{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.WAFPackage{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waitingroom/event/zz_controller.go b/internal/controller/waitingroom/event/zz_controller.go index bb08a2d..c922a63 100755 --- a/internal/controller/waitingroom/event/zz_controller.go +++ b/internal/controller/waitingroom/event/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waitingroom/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Event_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room_event"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Event_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Event_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Event_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room_event"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Event + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Event{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Event") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Event_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Event{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Event{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waitingroom/room/zz_controller.go b/internal/controller/waitingroom/room/zz_controller.go index d4f6723..3df2714 100755 --- a/internal/controller/waitingroom/room/zz_controller.go +++ b/internal/controller/waitingroom/room/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waitingroom/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Room_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Room_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Room_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Room_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Room + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Room{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Room") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Room_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Room{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Room{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/waitingroom/rules/zz_controller.go b/internal/controller/waitingroom/rules/zz_controller.go index 590ac58..2f3e650 100755 --- a/internal/controller/waitingroom/rules/zz_controller.go +++ b/internal/controller/waitingroom/rules/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/waitingroom/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Rules_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room_rules"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rules_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Rules_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Rules_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_waiting_room_rules"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Rules + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Rules{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Rules") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Rules_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Rules{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Rules{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/devicepolicycertificates/zz_controller.go b/internal/controller/warp/devicepolicycertificates/zz_controller.go index daad62c..7f61628 100755 --- a/internal/controller/warp/devicepolicycertificates/zz_controller.go +++ b/internal/controller/warp/devicepolicycertificates/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.DevicePolicyCertificates_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_policy_certificates"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePolicyCertificates_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.DevicePolicyCertificates_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePolicyCertificates_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_policy_certificates"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.DevicePolicyCertificates + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.DevicePolicyCertificates{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.DevicePolicyCertificates") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.DevicePolicyCertificates_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.DevicePolicyCertificates{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.DevicePolicyCertificates{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/devicepostureintegration/zz_controller.go b/internal/controller/warp/devicepostureintegration/zz_controller.go index ec5c2e1..15ad062 100755 --- a/internal/controller/warp/devicepostureintegration/zz_controller.go +++ b/internal/controller/warp/devicepostureintegration/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.DevicePostureIntegration_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_posture_integration"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureIntegration_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.DevicePostureIntegration_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureIntegration_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_posture_integration"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.DevicePostureIntegration + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.DevicePostureIntegration{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.DevicePostureIntegration") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureIntegration_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.DevicePostureIntegration{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.DevicePostureIntegration{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/deviceposturerule/zz_controller.go b/internal/controller/warp/deviceposturerule/zz_controller.go index 9b92b13..5e14990 100755 --- a/internal/controller/warp/deviceposturerule/zz_controller.go +++ b/internal/controller/warp/deviceposturerule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.DevicePostureRule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_posture_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureRule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.DevicePostureRule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureRule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_posture_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.DevicePostureRule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.DevicePostureRule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.DevicePostureRule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.DevicePostureRule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.DevicePostureRule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.DevicePostureRule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/devicesettingspolicy/zz_controller.go b/internal/controller/warp/devicesettingspolicy/zz_controller.go index 5d46f66..c2ff8e8 100755 --- a/internal/controller/warp/devicesettingspolicy/zz_controller.go +++ b/internal/controller/warp/devicesettingspolicy/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.DeviceSettingsPolicy_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_settings_policy"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DeviceSettingsPolicy_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.DeviceSettingsPolicy_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DeviceSettingsPolicy_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_device_settings_policy"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.DeviceSettingsPolicy + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.DeviceSettingsPolicy{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.DeviceSettingsPolicy") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.DeviceSettingsPolicy_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.DeviceSettingsPolicy{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.DeviceSettingsPolicy{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/fallbackdomain/zz_controller.go b/internal/controller/warp/fallbackdomain/zz_controller.go index e2e636d..c79a3f4 100755 --- a/internal/controller/warp/fallbackdomain/zz_controller.go +++ b/internal/controller/warp/fallbackdomain/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.FallbackDomain_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_fallback_domain"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FallbackDomain_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.FallbackDomain_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.FallbackDomain_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_fallback_domain"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.FallbackDomain + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.FallbackDomain{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.FallbackDomain") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.FallbackDomain_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.FallbackDomain{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.FallbackDomain{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/warp/splittunnel/zz_controller.go b/internal/controller/warp/splittunnel/zz_controller.go index d5f629a..d8d5da5 100755 --- a/internal/controller/warp/splittunnel/zz_controller.go +++ b/internal/controller/warp/splittunnel/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/warp/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.SplitTunnel_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_split_tunnel"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SplitTunnel_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.SplitTunnel_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SplitTunnel_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_split_tunnel"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.SplitTunnel + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.SplitTunnel{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.SplitTunnel") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.SplitTunnel_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.SplitTunnel{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.SplitTunnel{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/web3/hostname/zz_controller.go b/internal/controller/web3/hostname/zz_controller.go index 6cdf738..8120881 100755 --- a/internal/controller/web3/hostname/zz_controller.go +++ b/internal/controller/web3/hostname/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/web3/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_web3_hostname"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Hostname_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_web3_hostname"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Hostname + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Hostname{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Hostname") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Hostname_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Hostname{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Hostname{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/worker/crontrigger/zz_controller.go b/internal/controller/worker/crontrigger/zz_controller.go index 00ed88f..23819bf 100755 --- a/internal/controller/worker/crontrigger/zz_controller.go +++ b/internal/controller/worker/crontrigger/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/worker/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.CronTrigger_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_cron_trigger"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CronTrigger_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.CronTrigger_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.CronTrigger_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_cron_trigger"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.CronTrigger + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.CronTrigger{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.CronTrigger") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.CronTrigger_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.CronTrigger{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.CronTrigger{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/worker/kv/zz_controller.go b/internal/controller/worker/kv/zz_controller.go index fa3e6e7..2724a20 100755 --- a/internal/controller/worker/kv/zz_controller.go +++ b/internal/controller/worker/kv/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/worker/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.KV_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_workers_kv"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KV_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.KV_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KV_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_workers_kv"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.KV + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.KV{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.KV") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.KV_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.KV{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.KV{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/worker/kvnamespace/zz_controller.go b/internal/controller/worker/kvnamespace/zz_controller.go index 1ce780d..226d87c 100755 --- a/internal/controller/worker/kvnamespace/zz_controller.go +++ b/internal/controller/worker/kvnamespace/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/worker/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.KVNamespace_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_workers_kv_namespace"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KVNamespace_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.KVNamespace_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.KVNamespace_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_workers_kv_namespace"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.KVNamespace + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.KVNamespace{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.KVNamespace") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.KVNamespace_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.KVNamespace{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.KVNamespace{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/worker/route/zz_controller.go b/internal/controller/worker/route/zz_controller.go index c7449b5..18e78c6 100755 --- a/internal/controller/worker/route/zz_controller.go +++ b/internal/controller/worker/route/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/worker/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Route_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_route"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Route_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Route_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Route_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_route"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Route + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Route{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Route") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Route_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Route{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Route{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/worker/script/zz_controller.go b/internal/controller/worker/script/zz_controller.go index 56a3a33..870622d 100755 --- a/internal/controller/worker/script/zz_controller.go +++ b/internal/controller/worker/script/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/worker/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Script_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_script"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Script_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Script_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Script_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_worker_script"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Script + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Script{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Script") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Script_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Script{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Script{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/dnssec/zz_controller.go b/internal/controller/zone/dnssec/zz_controller.go index 4ff4a9e..10b47df 100755 --- a/internal/controller/zone/dnssec/zz_controller.go +++ b/internal/controller/zone/dnssec/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.DNSSEC_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone_dnssec"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DNSSEC_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.DNSSEC_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.DNSSEC_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone_dnssec"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.DNSSEC + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.DNSSEC{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.DNSSEC") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.DNSSEC_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.DNSSEC{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.DNSSEC{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/healthcheck/zz_controller.go b/internal/controller/zone/healthcheck/zz_controller.go index 19edc8c..64589bd 100755 --- a/internal/controller/zone/healthcheck/zz_controller.go +++ b/internal/controller/zone/healthcheck/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Healthcheck_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_healthcheck"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Healthcheck_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Healthcheck_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Healthcheck_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_healthcheck"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Healthcheck + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Healthcheck{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Healthcheck") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Healthcheck_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Healthcheck{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Healthcheck{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/logpullretention/zz_controller.go b/internal/controller/zone/logpullretention/zz_controller.go index ed92360..3ccea94 100755 --- a/internal/controller/zone/logpullretention/zz_controller.go +++ b/internal/controller/zone/logpullretention/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.LogpullRetention_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpull_retention"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.LogpullRetention_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.LogpullRetention_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.LogpullRetention_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_logpull_retention"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.LogpullRetention + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.LogpullRetention{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.LogpullRetention") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.LogpullRetention_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.LogpullRetention{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.LogpullRetention{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/managedheaders/zz_controller.go b/internal/controller/zone/managedheaders/zz_controller.go index 043b664..270d5e9 100755 --- a/internal/controller/zone/managedheaders/zz_controller.go +++ b/internal/controller/zone/managedheaders/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.ManagedHeaders_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_managed_headers"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ManagedHeaders_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.ManagedHeaders_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.ManagedHeaders_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_managed_headers"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.ManagedHeaders + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.ManagedHeaders{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.ManagedHeaders") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.ManagedHeaders_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.ManagedHeaders{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.ManagedHeaders{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/ratelimit/zz_controller.go b/internal/controller/zone/ratelimit/zz_controller.go index a7bf6b3..683f060 100755 --- a/internal/controller/zone/ratelimit/zz_controller.go +++ b/internal/controller/zone/ratelimit/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.RateLimit_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_rate_limit"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.RateLimit_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.RateLimit_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.RateLimit_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_rate_limit"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.RateLimit + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.RateLimit{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.RateLimit") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.RateLimit_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.RateLimit{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.RateLimit{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/settingsoverride/zz_controller.go b/internal/controller/zone/settingsoverride/zz_controller.go index 6cc8d64..883edd0 100755 --- a/internal/controller/zone/settingsoverride/zz_controller.go +++ b/internal/controller/zone/settingsoverride/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.SettingsOverride_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone_settings_override"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SettingsOverride_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.SettingsOverride_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.SettingsOverride_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone_settings_override"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.SettingsOverride + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.SettingsOverride{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.SettingsOverride") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.SettingsOverride_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.SettingsOverride{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.SettingsOverride{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/tieredcache/zz_controller.go b/internal/controller/zone/tieredcache/zz_controller.go index 80920a7..b230241 100755 --- a/internal/controller/zone/tieredcache/zz_controller.go +++ b/internal/controller/zone/tieredcache/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.TieredCache_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tiered_cache"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TieredCache_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.TieredCache_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TieredCache_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_tiered_cache"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.TieredCache + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.TieredCache{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.TieredCache") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.TieredCache_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.TieredCache{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.TieredCache{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/totaltls/zz_controller.go b/internal/controller/zone/totaltls/zz_controller.go index e87c173..54e9833 100755 --- a/internal/controller/zone/totaltls/zz_controller.go +++ b/internal/controller/zone/totaltls/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.TotalTLS_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_total_tls"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TotalTLS_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.TotalTLS_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.TotalTLS_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_total_tls"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.TotalTLS + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.TotalTLS{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.TotalTLS") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.TotalTLS_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.TotalTLS{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.TotalTLS{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/urlnormalizationsettings/zz_controller.go b/internal/controller/zone/urlnormalizationsettings/zz_controller.go index 1f49fd1..f8fc55e 100755 --- a/internal/controller/zone/urlnormalizationsettings/zz_controller.go +++ b/internal/controller/zone/urlnormalizationsettings/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.URLNormalizationSettings_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_url_normalization_settings"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.URLNormalizationSettings_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.URLNormalizationSettings_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.URLNormalizationSettings_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_url_normalization_settings"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.URLNormalizationSettings + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.URLNormalizationSettings{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.URLNormalizationSettings") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.URLNormalizationSettings_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.URLNormalizationSettings{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.URLNormalizationSettings{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/useragentblockingrule/zz_controller.go b/internal/controller/zone/useragentblockingrule/zz_controller.go index 6c6fc60..d7bdc58 100755 --- a/internal/controller/zone/useragentblockingrule/zz_controller.go +++ b/internal/controller/zone/useragentblockingrule/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.UserAgentBlockingRule_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_user_agent_blocking_rule"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.UserAgentBlockingRule_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.UserAgentBlockingRule_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.UserAgentBlockingRule_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_user_agent_blocking_rule"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.UserAgentBlockingRule + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.UserAgentBlockingRule{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.UserAgentBlockingRule") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.UserAgentBlockingRule_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.UserAgentBlockingRule{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.UserAgentBlockingRule{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zone/zone/zz_controller.go b/internal/controller/zone/zone/zz_controller.go index f744a77..f2eeff2 100755 --- a/internal/controller/zone/zone/zz_controller.go +++ b/internal/controller/zone/zone/zz_controller.go @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 + /* Copyright 2022 Upbound Inc. */ @@ -14,8 +18,10 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" - tjcontroller "github.com/upbound/upjet/pkg/controller" - "github.com/upbound/upjet/pkg/terraform" + tjcontroller "github.com/crossplane/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller/handler" + "github.com/crossplane/upjet/pkg/terraform" + "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" v1alpha1 "github.com/cdloh/provider-cloudflare/apis/zone/v1alpha1" @@ -27,25 +33,42 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { var initializers managed.InitializerChain cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} if o.SecretStoreConfigGVK != nil { - cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } - r := managed.NewReconciler(mgr, - xpresource.ManagedKind(v1alpha1.Zone_GroupVersionKind), - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone"], - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Zone_GroupVersionKind))), + eventHandler := handler.NewEventHandler(handler.WithLogger(o.Logger.WithValues("gvk", v1alpha1.Zone_GroupVersionKind))) + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1alpha1.Zone_GroupVersionKind), tjcontroller.WithEventHandler(eventHandler)) + opts := []managed.ReconcilerOption{ + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["cloudflare_zone"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(eventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), - managed.WithTimeout(3*time.Minute), + managed.WithTimeout(3 * time.Minute), managed.WithInitializers(initializers), managed.WithConnectionPublishers(cps...), managed.WithPollInterval(o.PollInterval), - ) + } + if o.PollJitter != 0 { + opts = append(opts, managed.WithPollJitterHook(o.PollJitter)) + } + + // register webhooks for the kind v1alpha1.Zone + // if they're enabled. + if o.StartWebhooks { + if err := ctrl.NewWebhookManagedBy(mgr). + For(&v1alpha1.Zone{}). + Complete(); err != nil { + return errors.Wrap(err, "cannot register webhook for the kind v1alpha1.Zone") + } + } + + r := managed.NewReconciler(mgr, xpresource.ManagedKind(v1alpha1.Zone_GroupVersionKind), opts...) return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1alpha1.Zone{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1alpha1.Zone{}, eventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/zz_setup.go b/internal/controller/zz_setup.go index 0777714..d183958 100755 --- a/internal/controller/zz_setup.go +++ b/internal/controller/zz_setup.go @@ -1,13 +1,13 @@ -/* -Copyright 2021 Upbound Inc. -*/ +// SPDX-FileCopyrightText: 2023 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 package controller import ( ctrl "sigs.k8s.io/controller-runtime" - "github.com/upbound/upjet/pkg/controller" + "github.com/crossplane/upjet/pkg/controller" application "github.com/cdloh/provider-cloudflare/internal/controller/access/application" bookmark "github.com/cdloh/provider-cloudflare/internal/controller/access/bookmark" diff --git a/internal/features/features.go b/internal/features/features.go index 420cd55..96fd480 100644 --- a/internal/features/features.go +++ b/internal/features/features.go @@ -4,12 +4,19 @@ package features -import "github.com/crossplane/crossplane-runtime/pkg/feature" +import ( + xpfeature "github.com/crossplane/crossplane-runtime/pkg/feature" +) // Feature flags. const ( // EnableAlphaExternalSecretStores enables alpha support for // External Secret Stores. See the below design for more details. // https://github.com/crossplane/crossplane/blob/390ddd/design/design-doc-external-secret-stores.md - EnableAlphaExternalSecretStores feature.Flag = "EnableAlphaExternalSecretStores" + EnableAlphaExternalSecretStores xpfeature.Flag = "EnableAlphaExternalSecretStores" + + // EnableBetaManagementPolicies enables beta support for + // Management Policies. See the below design for more details. + // https://github.com/crossplane/crossplane/pull/3531 + EnableBetaManagementPolicies xpfeature.Flag = xpfeature.EnableBetaManagementPolicies ) diff --git a/package/crds/access.cloudflare.upbound.io_applications.yaml b/package/crds/access.cloudflare.upbound.io_applications.yaml index 0e7e139..31054ef 100644 --- a/package/crds/access.cloudflare.upbound.io_applications.yaml +++ b/package/crds/access.cloudflare.upbound.io_applications.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: applications.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,25 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Application is the Schema for the Applications API. + description: Application is the Schema for the Applications API. Provides + a Cloudflare Access Application resource. Access Applications are used to + restrict access to a whole application using an authorisation gateway managed + by Cloudflare. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +61,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +76,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +91,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +118,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +133,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,134 +155,167 @@ spec: type: object type: object allowedIdps: - description: The identity providers selected for the application. + description: |- + (Set of String) The identity providers selected for the application. + The identity providers selected for the application. items: type: string type: array + x-kubernetes-list-type: set appLauncherVisible: - description: Option to show/hide applications in App Launcher. - Defaults to `true`. + description: |- + (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + Option to show/hide applications in App Launcher. Defaults to `true`. type: boolean autoRedirectToIdentity: - description: Option to skip identity provider selection if only - one is configured in `allowed_idps`. Defaults to `false`. + description: |- + (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. type: boolean corsHeaders: - description: CORS configuration for the Access Application. See - below for reference structure. + description: |- + (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + CORS configuration for the Access Application. See below for reference structure. items: properties: allowAllHeaders: - description: Value to determine whether all HTTP headers - are exposed. + description: |- + (Boolean) Value to determine whether all HTTP headers are exposed. + Value to determine whether all HTTP headers are exposed. type: boolean allowAllMethods: - description: Value to determine whether all methods are - exposed. + description: |- + (Boolean) Value to determine whether all methods are exposed. + Value to determine whether all methods are exposed. type: boolean allowAllOrigins: - description: Value to determine whether all origins are - permitted to make CORS requests. + description: |- + (Boolean) Value to determine whether all origins are permitted to make CORS requests. + Value to determine whether all origins are permitted to make CORS requests. type: boolean allowCredentials: - description: Value to determine if credentials (cookies, - authorization headers, or TLS client certificates) are - included with requests. + description: |- + (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. type: boolean allowedHeaders: - description: List of HTTP headers to expose via CORS. + description: |- + (Set of String) List of HTTP headers to expose via CORS. + List of HTTP headers to expose via CORS. items: type: string type: array + x-kubernetes-list-type: set allowedMethods: - description: List of methods to expose via CORS. + description: |- + (Set of String) List of methods to expose via CORS. + List of methods to expose via CORS. items: type: string type: array + x-kubernetes-list-type: set allowedOrigins: - description: List of origins permitted to make CORS requests. + description: |- + (Set of String) List of origins permitted to make CORS requests. + List of origins permitted to make CORS requests. items: type: string type: array + x-kubernetes-list-type: set maxAge: - description: The maximum time a preflight request will be - cached. + description: |- + (Number) The maximum time a preflight request will be cached. + The maximum time a preflight request will be cached. type: number type: object type: array customDenyMessage: - description: Option that returns a custom error message when a - user is denied access to the application. + description: |- + (String) Option that returns a custom error message when a user is denied access to the application. + Option that returns a custom error message when a user is denied access to the application. type: string customDenyUrl: - description: Option that redirects to a custom URL when a user - is denied access to the application. + description: |- + (String) Option that redirects to a custom URL when a user is denied access to the application. + Option that redirects to a custom URL when a user is denied access to the application. type: string domain: - description: The complete URL of the asset you wish to put Cloudflare - Access in front of. Can include subdomains or paths. Or both. + description: |- + (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. type: string enableBindingCookie: - description: Option to provide increased security against compromised - authorization tokens and CSRF attacks by requiring an additional - "binding" cookie on requests. Defaults to `false`. + description: |- + (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. type: boolean httpOnlyCookieAttribute: - description: Option to add the `HttpOnly` cookie flag to access - tokens. + description: |- + (Boolean) Option to add the HttpOnly cookie flag to access tokens. + Option to add the `HttpOnly` cookie flag to access tokens. type: boolean logoUrl: - description: Image URL for the logo shown in the app launcher - dashboard. + description: |- + (String) Image URL for the logo shown in the app launcher dashboard. + Image URL for the logo shown in the app launcher dashboard. type: string name: - description: Friendly name of the Access Application. + description: |- + (String) Friendly name of the Access Application. + Friendly name of the Access Application. type: string saasApp: - description: SaaS configuration for the Access Application. + description: |- + (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) + SaaS configuration for the Access Application. items: properties: consumerServiceUrl: - description: The service provider's endpoint that is responsible - for receiving and parsing a SAML assertion. + description: |- + (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. type: string nameIdFormat: - description: The format of the name identifier sent to the - SaaS application. Defaults to `email`. + description: |- + (String) The format of the name identifier sent to the SaaS application. Defaults to email. + The format of the name identifier sent to the SaaS application. Defaults to `email`. type: string spEntityId: - description: A globally unique name for an identity or service - provider. + description: |- + (String) A globally unique name for an identity or service provider. + A globally unique name for an identity or service provider. type: string - required: - - consumerServiceUrl - - spEntityId type: object type: array sameSiteCookieAttribute: - description: 'Defines the same-site cookie setting for access - tokens. Available values: `none`, `lax`, `strict`.' + description: |- + site cookie setting for access tokens. Available values: none, lax, strict. + Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. type: string serviceAuth401Redirect: - description: Option to return a 401 status code in service authentication - rules on failed requests. Defaults to `false`. + description: |- + (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. type: boolean sessionDuration: - description: How often a user will be forced to re-authorise. - Must be in the format `48h` or `2h45m`. Defaults to `24h`. + description: |- + authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. type: string skipInterstitial: - description: Option to skip the authorization interstitial when - using the CLI. Defaults to `false`. + description: |- + (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + Option to skip the authorization interstitial when using the CLI. Defaults to `false`. type: boolean type: - description: 'The application type. Available values: `app_launcher`, - `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, - `vnc`, `warp`. Defaults to `self_hosted`.' + description: |- + (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. + The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -281,21 +328,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -308,8 +355,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -322,72 +370,392 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + allowedIdps: + description: |- + (Set of String) The identity providers selected for the application. + The identity providers selected for the application. + items: + type: string + type: array + x-kubernetes-list-type: set + appLauncherVisible: + description: |- + (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + Option to show/hide applications in App Launcher. Defaults to `true`. + type: boolean + autoRedirectToIdentity: + description: |- + (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. + type: boolean + corsHeaders: + description: |- + (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + CORS configuration for the Access Application. See below for reference structure. + items: + properties: + allowAllHeaders: + description: |- + (Boolean) Value to determine whether all HTTP headers are exposed. + Value to determine whether all HTTP headers are exposed. + type: boolean + allowAllMethods: + description: |- + (Boolean) Value to determine whether all methods are exposed. + Value to determine whether all methods are exposed. + type: boolean + allowAllOrigins: + description: |- + (Boolean) Value to determine whether all origins are permitted to make CORS requests. + Value to determine whether all origins are permitted to make CORS requests. + type: boolean + allowCredentials: + description: |- + (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + type: boolean + allowedHeaders: + description: |- + (Set of String) List of HTTP headers to expose via CORS. + List of HTTP headers to expose via CORS. + items: + type: string + type: array + x-kubernetes-list-type: set + allowedMethods: + description: |- + (Set of String) List of methods to expose via CORS. + List of methods to expose via CORS. + items: + type: string + type: array + x-kubernetes-list-type: set + allowedOrigins: + description: |- + (Set of String) List of origins permitted to make CORS requests. + List of origins permitted to make CORS requests. + items: + type: string + type: array + x-kubernetes-list-type: set + maxAge: + description: |- + (Number) The maximum time a preflight request will be cached. + The maximum time a preflight request will be cached. + type: number + type: object + type: array + customDenyMessage: + description: |- + (String) Option that returns a custom error message when a user is denied access to the application. + Option that returns a custom error message when a user is denied access to the application. + type: string + customDenyUrl: + description: |- + (String) Option that redirects to a custom URL when a user is denied access to the application. + Option that redirects to a custom URL when a user is denied access to the application. + type: string + domain: + description: |- + (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + type: string + enableBindingCookie: + description: |- + (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. + type: boolean + httpOnlyCookieAttribute: + description: |- + (Boolean) Option to add the HttpOnly cookie flag to access tokens. + Option to add the `HttpOnly` cookie flag to access tokens. + type: boolean + logoUrl: + description: |- + (String) Image URL for the logo shown in the app launcher dashboard. + Image URL for the logo shown in the app launcher dashboard. + type: string + name: + description: |- + (String) Friendly name of the Access Application. + Friendly name of the Access Application. + type: string + saasApp: + description: |- + (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) + SaaS configuration for the Access Application. + items: + properties: + consumerServiceUrl: + description: |- + (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + type: string + nameIdFormat: + description: |- + (String) The format of the name identifier sent to the SaaS application. Defaults to email. + The format of the name identifier sent to the SaaS application. Defaults to `email`. + type: string + spEntityId: + description: |- + (String) A globally unique name for an identity or service provider. + A globally unique name for an identity or service provider. + type: string + type: object + type: array + sameSiteCookieAttribute: + description: |- + site cookie setting for access tokens. Available values: none, lax, strict. + Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. + type: string + serviceAuth401Redirect: + description: |- + (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. + type: boolean + sessionDuration: + description: |- + authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. + type: string + skipInterstitial: + description: |- + (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + Option to skip the authorization interstitial when using the CLI. Defaults to `false`. + type: boolean + type: + description: |- + (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. + The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -397,21 +765,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -421,17 +789,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -441,21 +811,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -470,21 +840,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -495,14 +866,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -517,15 +889,191 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: ApplicationStatus defines the observed state of Application. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + allowedIdps: + description: |- + (Set of String) The identity providers selected for the application. + The identity providers selected for the application. + items: + type: string + type: array + x-kubernetes-list-type: set + appLauncherVisible: + description: |- + (Boolean) Option to show/hide applications in App Launcher. Defaults to true. + Option to show/hide applications in App Launcher. Defaults to `true`. + type: boolean aud: - description: Application Audience (AUD) Tag of the application. + description: |- + (String) Application Audience (AUD) Tag of the application. + Application Audience (AUD) Tag of the application. + type: string + autoRedirectToIdentity: + description: |- + (Boolean) Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false. + Option to skip identity provider selection if only one is configured in `allowed_idps`. Defaults to `false`. + type: boolean + corsHeaders: + description: |- + (Block List) CORS configuration for the Access Application. See below for reference structure. (see below for nested schema) + CORS configuration for the Access Application. See below for reference structure. + items: + properties: + allowAllHeaders: + description: |- + (Boolean) Value to determine whether all HTTP headers are exposed. + Value to determine whether all HTTP headers are exposed. + type: boolean + allowAllMethods: + description: |- + (Boolean) Value to determine whether all methods are exposed. + Value to determine whether all methods are exposed. + type: boolean + allowAllOrigins: + description: |- + (Boolean) Value to determine whether all origins are permitted to make CORS requests. + Value to determine whether all origins are permitted to make CORS requests. + type: boolean + allowCredentials: + description: |- + (Boolean) Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests. + type: boolean + allowedHeaders: + description: |- + (Set of String) List of HTTP headers to expose via CORS. + List of HTTP headers to expose via CORS. + items: + type: string + type: array + x-kubernetes-list-type: set + allowedMethods: + description: |- + (Set of String) List of methods to expose via CORS. + List of methods to expose via CORS. + items: + type: string + type: array + x-kubernetes-list-type: set + allowedOrigins: + description: |- + (Set of String) List of origins permitted to make CORS requests. + List of origins permitted to make CORS requests. + items: + type: string + type: array + x-kubernetes-list-type: set + maxAge: + description: |- + (Number) The maximum time a preflight request will be cached. + The maximum time a preflight request will be cached. + type: number + type: object + type: array + customDenyMessage: + description: |- + (String) Option that returns a custom error message when a user is denied access to the application. + Option that returns a custom error message when a user is denied access to the application. + type: string + customDenyUrl: + description: |- + (String) Option that redirects to a custom URL when a user is denied access to the application. + Option that redirects to a custom URL when a user is denied access to the application. type: string + domain: + description: |- + (String) The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both. + type: string + enableBindingCookie: + description: |- + (Boolean) Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false. + Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`. + type: boolean + httpOnlyCookieAttribute: + description: |- + (Boolean) Option to add the HttpOnly cookie flag to access tokens. + Option to add the `HttpOnly` cookie flag to access tokens. + type: boolean id: + description: (String) The ID of this resource. + type: string + logoUrl: + description: |- + (String) Image URL for the logo shown in the app launcher dashboard. + Image URL for the logo shown in the app launcher dashboard. + type: string + name: + description: |- + (String) Friendly name of the Access Application. + Friendly name of the Access Application. + type: string + saasApp: + description: |- + (Block List, Max: 1) SaaS configuration for the Access Application. (see below for nested schema) + SaaS configuration for the Access Application. + items: + properties: + consumerServiceUrl: + description: |- + (String) The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + The service provider's endpoint that is responsible for receiving and parsing a SAML assertion. + type: string + nameIdFormat: + description: |- + (String) The format of the name identifier sent to the SaaS application. Defaults to email. + The format of the name identifier sent to the SaaS application. Defaults to `email`. + type: string + spEntityId: + description: |- + (String) A globally unique name for an identity or service provider. + A globally unique name for an identity or service provider. + type: string + type: object + type: array + sameSiteCookieAttribute: + description: |- + site cookie setting for access tokens. Available values: none, lax, strict. + Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`. + type: string + serviceAuth401Redirect: + description: |- + (Boolean) Option to return a 401 status code in service authentication rules on failed requests. Defaults to false. + Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`. + type: boolean + sessionDuration: + description: |- + authorise. Must be in the format 48h or 2h45m. Defaults to 24h. + How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`. + type: string + skipInterstitial: + description: |- + (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to false. + Option to skip the authorization interstitial when using the CLI. Defaults to `false`. + type: boolean + type: + description: |- + (String) The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted. + The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`. Defaults to `self_hosted`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -534,13 +1082,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -551,8 +1101,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -561,6 +1112,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -569,9 +1123,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_bookmarks.yaml b/package/crds/access.cloudflare.upbound.io_bookmarks.yaml index 8d82fc9..a66b04c 100644 --- a/package/crds/access.cloudflare.upbound.io_bookmarks.yaml +++ b/package/crds/access.cloudflare.upbound.io_bookmarks.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: bookmarks.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Bookmark is the Schema for the Bookmarks API. + description: Bookmark is the Schema for the Bookmarks API. Provides a Cloudflare + Access Bookmark resource. Access Bookmark applications are not protected + behind Access but are displayed in the App Launcher. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,23 +154,29 @@ spec: type: object type: object appLauncherVisible: - description: Option to show/hide the bookmark in the app launcher. - Defaults to `true`. + description: |- + (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + Option to show/hide the bookmark in the app launcher. Defaults to `true`. type: boolean domain: - description: The domain of the bookmark application. Can include - subdomains, paths, or both. + description: |- + (String) The domain of the bookmark application. Can include subdomains, paths, or both. + The domain of the bookmark application. Can include subdomains, paths, or both. type: string logoUrl: - description: The image URL for the logo shown in the app launcher - dashboard. + description: |- + (String) The image URL for the logo shown in the app launcher dashboard. + The image URL for the logo shown in the app launcher dashboard. type: string name: - description: Name of the bookmark application. + description: |- + (String) Name of the bookmark application. + Name of the bookmark application. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -170,21 +189,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -197,8 +216,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -211,73 +231,254 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - domain - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + appLauncherVisible: + description: |- + (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + Option to show/hide the bookmark in the app launcher. Defaults to `true`. + type: boolean + domain: + description: |- + (String) The domain of the bookmark application. Can include subdomains, paths, or both. + The domain of the bookmark application. Can include subdomains, paths, or both. + type: string + logoUrl: + description: |- + (String) The image URL for the logo shown in the app launcher dashboard. + The image URL for the logo shown in the app launcher dashboard. + type: string + name: + description: |- + (String) Name of the bookmark application. + Name of the bookmark application. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -287,21 +488,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -311,17 +512,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -331,21 +534,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -360,21 +563,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -385,14 +589,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -407,12 +612,52 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.domain is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.domain) + || (has(self.initProvider) && has(self.initProvider.domain))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: BookmarkStatus defines the observed state of Bookmark. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + appLauncherVisible: + description: |- + (Boolean) Option to show/hide the bookmark in the app launcher. Defaults to true. + Option to show/hide the bookmark in the app launcher. Defaults to `true`. + type: boolean + domain: + description: |- + (String) The domain of the bookmark application. Can include subdomains, paths, or both. + The domain of the bookmark application. Can include subdomains, paths, or both. + type: string id: + description: (String) The ID of this resource. + type: string + logoUrl: + description: |- + (String) The image URL for the logo shown in the app launcher dashboard. + The image URL for the logo shown in the app launcher dashboard. + type: string + name: + description: |- + (String) Name of the bookmark application. + Name of the bookmark application. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -421,13 +666,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -438,8 +685,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -448,6 +696,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -456,9 +707,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_cacertificates.yaml b/package/crds/access.cloudflare.upbound.io_cacertificates.yaml index cfb0ee7..c7a60d1 100644 --- a/package/crds/access.cloudflare.upbound.io_cacertificates.yaml +++ b/package/crds/access.cloudflare.upbound.io_cacertificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: cacertificates.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: CACertificate is the Schema for the CACertificates API. + description: CACertificate is the Schema for the CACertificates API. Cloudflare + Access can replace traditional SSH key models with short-lived certificates + issued to your users based on the token generated by their Access login. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,8 +154,9 @@ spec: type: object type: object applicationId: - description: The Access Application ID to associate with the CA - certificate. + description: |- + (String) The Access Application ID to associate with the CA certificate. + The Access Application ID to associate with the CA certificate. type: string applicationIdRef: description: Reference to a Application to populate applicationId. @@ -155,21 +169,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -182,8 +196,9 @@ spec: description: Selector for a Application to populate applicationId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -196,21 +211,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -218,8 +233,9 @@ spec: type: object type: object zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -232,21 +248,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -259,8 +275,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -273,21 +290,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -295,48 +312,291 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + applicationId: + description: |- + (String) The Access Application ID to associate with the CA certificate. + The Access Application ID to associate with the CA certificate. + type: string + applicationIdRef: + description: Reference to a Application to populate applicationId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + applicationIdSelector: + description: Selector for a Application to populate applicationId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -346,21 +606,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -370,17 +630,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -390,21 +652,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -419,21 +681,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -444,14 +707,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -471,13 +735,33 @@ spec: properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + applicationId: + description: |- + (String) The Access Application ID to associate with the CA certificate. + The Access Application ID to associate with the CA certificate. + type: string aud: - description: Application Audience (AUD) Tag of the CA certificate. + description: |- + (String) Application Audience (AUD) Tag of the CA certificate. + Application Audience (AUD) Tag of the CA certificate. type: string id: + description: (String) The ID of this resource. type: string publicKey: - description: Cryptographic public key of the generated CA certificate. + description: |- + (String) Cryptographic public key of the generated CA certificate. + Cryptographic public key of the generated CA certificate. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -486,13 +770,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -503,8 +789,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -513,6 +800,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -521,9 +811,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_groups.yaml b/package/crds/access.cloudflare.upbound.io_groups.yaml index 4621a30..19e802c 100644 --- a/package/crds/access.cloudflare.upbound.io_groups.yaml +++ b/package/crds/access.cloudflare.upbound.io_groups.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: groups.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Group is the Schema for the Groups API. + description: Group is the Schema for the Groups API. Provides a Cloudflare + Access Group resource. Access Groups are used in conjunction with Access + Policies to restrict access to a particular resource based on group membership. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,9 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. **Modifying this attribute will force - creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -79,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -106,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -120,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -142,349 +154,456 @@ spec: type: object type: object exclude: + description: (Block List) (see below for nested schema) items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array include: + description: '(Block List, Min: 1) (see below for nested schema)' items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array name: + description: (String) type: string require: + description: (Block List) (see below for nested schema) items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -497,21 +616,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -524,8 +643,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -538,117 +658,48 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - include - - name - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: name: description: Name of the referenced object. @@ -658,21 +709,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -681,65 +732,1213 @@ spec: required: - name type: object - metadata: - description: Metadata is the metadata for connection secret. + accountIdSelector: + description: Selector for a Account in account to populate accountId. properties: - annotations: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: MatchLabels ensures an object with matching labels + is selected. type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: GroupStatus defines the observed state of Group. - properties: - atProvider: - properties: - id: + exclude: + description: (Block List) (see below for nested schema) + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + include: + description: '(Block List, Min: 1) (see below for nested schema)' + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + name: + description: (String) + type: string + require: + description: (Block List) (see below for nested schema) + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. + type: object + type: + description: |- + Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + x-kubernetes-validations: + - message: spec.forProvider.include is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.include) + || (has(self.initProvider) && has(self.initProvider.include))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + status: + description: GroupStatus defines the observed state of Group. + properties: + atProvider: + properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + type: string + exclude: + description: (Block List) (see below for nested schema) + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + id: + description: (String) The ID of this resource. + type: string + include: + description: '(Block List, Min: 1) (see below for nested schema)' + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + name: + description: (String) + type: string + require: + description: (Block List) (see below for nested schema) + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -748,13 +1947,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -765,8 +1966,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -775,6 +1977,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -783,9 +1988,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_identityproviders.yaml b/package/crds/access.cloudflare.upbound.io_identityproviders.yaml index 6bff932..e8b545e 100644 --- a/package/crds/access.cloudflare.upbound.io_identityproviders.yaml +++ b/package/crds/access.cloudflare.upbound.io_identityproviders.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: identityproviders.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -36,17 +35,23 @@ spec: schema: openAPIV3Schema: description: IdentityProvider is the Schema for the IdentityProviders API. - + Provides a Cloudflare Access Identity Provider resource. Identity Providers + are used as an authentication or authorisation source within Access. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,9 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. **Modifying this attribute will force - creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -80,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -107,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -121,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -143,67 +154,92 @@ spec: type: object type: object config: - description: Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). + description: |- + (Block List) Provider configuration from the developer documentation. (see below for nested schema) + Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). items: properties: apiToken: + description: (String) type: string appsDomain: + description: (String) type: string attributes: + description: (List of String) items: type: string type: array authUrl: + description: (String) type: string centrifyAccount: + description: (String) type: string centrifyAppId: + description: (String) type: string certsUrl: + description: (String) type: string clientId: + description: (String) type: string clientSecret: + description: (String) type: string directoryId: + description: (String) type: string emailAttributeName: + description: (String) type: string idpPublicCert: + description: (String) type: string issuerUrl: + description: (String) type: string oktaAccount: + description: (String) type: string oneloginAccount: + description: (String) type: string pkceEnabled: + description: (Boolean) type: boolean redirectUrl: + description: (String) type: string signRequest: + description: (Boolean) type: boolean ssoTargetUrl: + description: (String) type: string supportGroups: + description: (Boolean) type: boolean tokenUrl: + description: (String) type: string type: object type: array name: - description: Friendly name of the Access Identity Provider configuration. + description: |- + (String) Friendly name of the Access Identity Provider configuration. + Friendly name of the Access Identity Provider configuration. type: string type: - description: 'The provider type to use. Available values: `centrify`, - `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, - `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`.' + description: |- + apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. + The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. **Modifying this attribute will force creation - of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -216,21 +252,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -243,8 +279,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -257,73 +294,317 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + config: + description: |- + (Block List) Provider configuration from the developer documentation. (see below for nested schema) + Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). + items: + properties: + apiToken: + description: (String) + type: string + appsDomain: + description: (String) + type: string + attributes: + description: (List of String) + items: + type: string + type: array + authUrl: + description: (String) + type: string + centrifyAccount: + description: (String) + type: string + centrifyAppId: + description: (String) + type: string + certsUrl: + description: (String) + type: string + clientId: + description: (String) + type: string + clientSecret: + description: (String) + type: string + directoryId: + description: (String) + type: string + emailAttributeName: + description: (String) + type: string + idpPublicCert: + description: (String) + type: string + issuerUrl: + description: (String) + type: string + oktaAccount: + description: (String) + type: string + oneloginAccount: + description: (String) + type: string + pkceEnabled: + description: (Boolean) + type: boolean + redirectUrl: + description: (String) + type: string + signRequest: + description: (Boolean) + type: boolean + ssoTargetUrl: + description: (String) + type: string + supportGroups: + description: (Boolean) + type: boolean + tokenUrl: + description: (String) + type: string + type: object + type: array + name: + description: |- + (String) Friendly name of the Access Identity Provider configuration. + Friendly name of the Access Identity Provider configuration. + type: string + type: + description: |- + apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. + The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -333,21 +614,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -357,17 +638,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -377,21 +660,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -406,21 +689,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -431,14 +715,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -453,12 +738,115 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: IdentityProviderStatus defines the observed state of IdentityProvider. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + type: string + config: + description: |- + (Block List) Provider configuration from the developer documentation. (see below for nested schema) + Provider configuration from the [developer documentation](https://developers.cloudflare.com/access/configuring-identity-providers/). + items: + properties: + apiToken: + description: (String) + type: string + appsDomain: + description: (String) + type: string + attributes: + description: (List of String) + items: + type: string + type: array + authUrl: + description: (String) + type: string + centrifyAccount: + description: (String) + type: string + centrifyAppId: + description: (String) + type: string + certsUrl: + description: (String) + type: string + clientId: + description: (String) + type: string + clientSecret: + description: (String) + type: string + directoryId: + description: (String) + type: string + emailAttributeName: + description: (String) + type: string + idpPublicCert: + description: (String) + type: string + issuerUrl: + description: (String) + type: string + oktaAccount: + description: (String) + type: string + oneloginAccount: + description: (String) + type: string + pkceEnabled: + description: (Boolean) + type: boolean + redirectUrl: + description: (String) + type: string + signRequest: + description: (Boolean) + type: boolean + ssoTargetUrl: + description: (String) + type: string + supportGroups: + description: (Boolean) + type: boolean + tokenUrl: + description: (String) + type: string + type: object + type: array id: + description: (String) The ID of this resource. + type: string + name: + description: |- + (String) Friendly name of the Access Identity Provider configuration. + Friendly name of the Access Identity Provider configuration. + type: string + type: + description: |- + apps, oidc, github, google, saml, linkedin, azureAD, okta, onetimepin, onelogin, yandex. + The provider type to use. Available values: `centrify`, `facebook`, `google-apps`, `oidc`, `github`, `google`, `saml`, `linkedin`, `azureAD`, `okta`, `onetimepin`, `onelogin`, `yandex`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -467,13 +855,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -484,8 +874,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -494,6 +885,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -502,9 +896,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_keysconfigurations.yaml b/package/crds/access.cloudflare.upbound.io_keysconfigurations.yaml index 0c4250c..9543854 100644 --- a/package/crds/access.cloudflare.upbound.io_keysconfigurations.yaml +++ b/package/crds/access.cloudflare.upbound.io_keysconfigurations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: keysconfigurations.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -39,14 +38,19 @@ spec: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -78,21 +87,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +114,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +129,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -144,48 +154,134 @@ spec: description: Number of days to trigger a rotation of the keys. type: number type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + keyRotationIntervalDays: + description: Number of days to trigger a rotation of the keys. + type: number type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -195,21 +291,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -219,17 +315,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -239,21 +337,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -268,21 +366,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -293,14 +392,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -320,8 +420,14 @@ spec: properties: atProvider: properties: + accountId: + description: The account identifier to target for the resource. + type: string id: type: string + keyRotationIntervalDays: + description: Number of days to trigger a rotation of the keys. + type: number type: object conditions: description: Conditions of the resource. @@ -329,13 +435,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -346,8 +454,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -356,6 +465,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -364,9 +476,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_mutualtlscertificates.yaml b/package/crds/access.cloudflare.upbound.io_mutualtlscertificates.yaml index c04f3a7..f8e32df 100644 --- a/package/crds/access.cloudflare.upbound.io_mutualtlscertificates.yaml +++ b/package/crds/access.cloudflare.upbound.io_mutualtlscertificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: mutualtlscertificates.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -36,17 +35,25 @@ spec: schema: openAPIV3Schema: description: MutualTLSCertificate is the Schema for the MutualTLSCertificates - API. + API. Provides a Cloudflare Access Mutual TLS Certificate resource. Mutual + TLS authentication ensures that the traffic is secure and trusted in both + directions between a client and server and can be used with Access to only + allows requests from devices with a corresponding client certificate. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,8 +77,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -79,21 +92,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -106,8 +119,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -120,21 +134,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -142,19 +156,26 @@ spec: type: object type: object associatedHostnames: - description: The hostnames that will be prompted for this certificate. + description: |- + (List of String) The hostnames that will be prompted for this certificate. + The hostnames that will be prompted for this certificate. items: type: string type: array certificate: - description: The Root CA for your certificates. + description: |- + (String) The Root CA for your certificates. + The Root CA for your certificates. type: string name: - description: The name of the certificate. + description: |- + (String) The name of the certificate. + The name of the certificate. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -167,21 +188,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -194,8 +215,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -208,72 +230,251 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + associatedHostnames: + description: |- + (List of String) The hostnames that will be prompted for this certificate. + The hostnames that will be prompted for this certificate. + items: + type: string + type: array + certificate: + description: |- + (String) The Root CA for your certificates. + The Root CA for your certificates. + type: string + name: + description: |- + (String) The name of the certificate. + The name of the certificate. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -283,21 +484,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -307,17 +508,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -327,21 +530,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -356,21 +559,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -381,14 +585,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -403,15 +608,49 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: MutualTLSCertificateStatus defines the observed state of MutualTLSCertificate. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + associatedHostnames: + description: |- + (List of String) The hostnames that will be prompted for this certificate. + The hostnames that will be prompted for this certificate. + items: + type: string + type: array + certificate: + description: |- + (String) The Root CA for your certificates. + The Root CA for your certificates. + type: string fingerprint: + description: (String) type: string id: + description: (String) The ID of this resource. + type: string + name: + description: |- + (String) The name of the certificate. + The name of the certificate. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -420,13 +659,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -437,8 +678,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -447,6 +689,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -455,9 +700,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_organizations.yaml b/package/crds/access.cloudflare.upbound.io_organizations.yaml index d160ae2..46ffcbf 100644 --- a/package/crds/access.cloudflare.upbound.io_organizations.yaml +++ b/package/crds/access.cloudflare.upbound.io_organizations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: organizations.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Organization is the Schema for the Organizations API. + description: Organization is the Schema for the Organizations API. A Zero + Trust organization defines the user login experience. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,39 +153,55 @@ spec: type: object type: object authDomain: - description: The unique subdomain assigned to your Zero Trust - organization. + description: |- + (String) The unique subdomain assigned to your Zero Trust organization. + The unique subdomain assigned to your Zero Trust organization. type: string isUiReadOnly: - description: When set to true, this will disable all editing of - Access resources via the Zero Trust Dashboard. + description: |- + (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. type: boolean loginDesign: + description: (Block List) (see below for nested schema) items: properties: backgroundColor: - description: The background color on the login page. + description: |- + (String) The background color on the login page. + The background color on the login page. type: string footerText: - description: The text at the bottom of the login page. + description: |- + (String) The text at the bottom of the login page. + The text at the bottom of the login page. type: string headerText: - description: The text at the top of the login page. + description: |- + (String) The text at the top of the login page. + The text at the top of the login page. type: string logoPath: - description: The URL of the logo on the login page. + description: |- + (String) The URL of the logo on the login page. + The URL of the logo on the login page. type: string textColor: - description: The text color on the login page. + description: |- + (String) The text color on the login page. + The text color on the login page. type: string type: object type: array name: - description: The name of your Zero Trust organization. + description: |- + (String) The name of your Zero Trust organization. + The name of your Zero Trust organization. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -186,21 +214,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -213,8 +241,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -227,72 +256,280 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - authDomain type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + authDomain: + description: |- + (String) The unique subdomain assigned to your Zero Trust organization. + The unique subdomain assigned to your Zero Trust organization. + type: string + isUiReadOnly: + description: |- + (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + type: boolean + loginDesign: + description: (Block List) (see below for nested schema) + items: + properties: + backgroundColor: + description: |- + (String) The background color on the login page. + The background color on the login page. + type: string + footerText: + description: |- + (String) The text at the bottom of the login page. + The text at the bottom of the login page. + type: string + headerText: + description: |- + (String) The text at the top of the login page. + The text at the top of the login page. + type: string + logoPath: + description: |- + (String) The URL of the logo on the login page. + The URL of the logo on the login page. + type: string + textColor: + description: |- + (String) The text color on the login page. + The text color on the login page. + type: string + type: object + type: array + name: + description: |- + (String) The name of your Zero Trust organization. + The name of your Zero Trust organization. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -302,21 +539,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -326,17 +563,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -346,21 +585,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -375,21 +614,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -400,14 +640,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -422,12 +663,74 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.authDomain is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.authDomain) + || (has(self.initProvider) && has(self.initProvider.authDomain))' status: description: OrganizationStatus defines the observed state of Organization. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + authDomain: + description: |- + (String) The unique subdomain assigned to your Zero Trust organization. + The unique subdomain assigned to your Zero Trust organization. + type: string id: + description: (String) The ID of this resource. + type: string + isUiReadOnly: + description: |- + (Boolean) When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard. + type: boolean + loginDesign: + description: (Block List) (see below for nested schema) + items: + properties: + backgroundColor: + description: |- + (String) The background color on the login page. + The background color on the login page. + type: string + footerText: + description: |- + (String) The text at the bottom of the login page. + The text at the bottom of the login page. + type: string + headerText: + description: |- + (String) The text at the top of the login page. + The text at the top of the login page. + type: string + logoPath: + description: |- + (String) The URL of the logo on the login page. + The URL of the logo on the login page. + type: string + textColor: + description: |- + (String) The text color on the login page. + The text color on the login page. + type: string + type: object + type: array + name: + description: |- + (String) The name of your Zero Trust organization. + The name of your Zero Trust organization. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -436,13 +739,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -453,8 +758,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -463,6 +769,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -471,9 +780,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_policies.yaml b/package/crds/access.cloudflare.upbound.io_policies.yaml index 4239739..7479fd6 100644 --- a/package/crds/access.cloudflare.upbound.io_policies.yaml +++ b/package/crds/access.cloudflare.upbound.io_policies.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: policies.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Policy is the Schema for the Policys API. + description: Policy is the Schema for the Policys API. Provides a Cloudflare + Access Policy resource. Access Policies are used in conjunction with Access + Applications to restrict access to a particular resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,8 +154,9 @@ spec: type: object type: object applicationId: - description: The ID of the application the policy is associated - with. + description: |- + (String) The ID of the application the policy is associated with. + The ID of the application the policy is associated with. type: string applicationIdRef: description: Reference to a Application to populate applicationId. @@ -155,21 +169,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -182,8 +196,9 @@ spec: description: Selector for a Application to populate applicationId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -196,21 +211,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -218,388 +233,514 @@ spec: type: object type: object approvalGroup: + description: (Block List) (see below for nested schema) items: properties: approvalsNeeded: - description: Number of approvals needed. + description: |- + (Number) Number of approvals needed. + Number of approvals needed. type: number emailAddresses: - description: List of emails to request approval from. + description: |- + (List of String) List of emails to request approval from. + List of emails to request approval from. items: type: string type: array emailListUuid: + description: (String) type: string - required: - - approvalsNeeded type: object type: array approvalRequired: + description: (Boolean) type: boolean decision: - description: 'Defines the action Access will take if the policy - matches the user. Available values: `allow`, `deny`, `non_identity`, - `bypass`.' + description: |- + (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. + Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. type: string exclude: - description: A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array include: - description: A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + description: |- + (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array name: - description: Friendly name of the Access Policy. + description: |- + (String) Friendly name of the Access Policy. + Friendly name of the Access Policy. type: string precedence: - description: The unique precedence for policies on a single application. + description: |- + (Number) The unique precedence for policies on a single application. + The unique precedence for policies on a single application. type: number purposeJustificationPrompt: - description: The prompt to display to the user for a justification - for accessing the resource. Required when using `purpose_justification_required`. + description: |- + (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. type: string purposeJustificationRequired: - description: Whether to prompt the user for a justification for - accessing the resource. + description: |- + (Boolean) Whether to prompt the user for a justification for accessing the resource. + Whether to prompt the user for a justification for accessing the resource. type: boolean require: - description: A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). items: properties: anyValidServiceToken: + description: (Boolean) type: boolean authMethod: + description: (String) type: string azure: + description: (Block List) (see below for nested schema) items: properties: id: + description: (String) The ID of this resource. items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array certificate: + description: (Boolean) type: boolean commonName: + description: (String) type: string devicePosture: + description: (List of String) items: type: string type: array email: + description: (List of String) items: type: string type: array emailDomain: + description: (List of String) items: type: string type: array everyone: + description: (Boolean) type: boolean externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: evaluateUrl: + description: (String) type: string keysUrl: + description: (String) type: string type: object type: array geo: + description: (List of String) items: type: string type: array github: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. type: string teams: + description: (List of String) items: type: string type: array type: object type: array group: + description: (List of String) items: type: string type: array gsuite: + description: (Block List) (see below for nested schema) items: properties: email: + description: (List of String) items: type: string type: array identityProviderId: + description: (String) type: string type: object type: array ip: + description: (List of String) items: type: string type: array loginMethod: + description: (List of String) items: type: string type: array okta: + description: (Block List) (see below for nested schema) items: properties: identityProviderId: + description: (String) type: string name: + description: (String) Friendly name of the Access + Policy. items: type: string type: array type: object type: array saml: + description: (Block List) (see below for nested schema) items: properties: attributeName: + description: (String) type: string attributeValue: + description: (String) type: string identityProviderId: + description: (String) type: string type: object type: array serviceToken: + description: (List of String) items: type: string type: array type: object type: array zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -612,21 +753,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -639,8 +780,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -653,119 +795,127 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - decision - - include - - name - - precedence type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. + accountIdSelector: + description: Selector for a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + applicationId: + description: |- + (String) The ID of the application the policy is associated with. + The ID of the application the policy is associated with. + type: string + applicationIdRef: + description: Reference to a Application to populate applicationId. properties: name: description: Name of the referenced object. @@ -775,21 +925,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -798,65 +948,1342 @@ spec: required: - name type: object - metadata: - description: Metadata is the metadata for connection secret. + applicationIdSelector: + description: Selector for a Application to populate applicationId. properties: - annotations: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: MatchLabels ensures an object with matching labels + is selected. type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. + approvalGroup: + description: (Block List) (see below for nested schema) + items: + properties: + approvalsNeeded: + description: |- + (Number) Number of approvals needed. + Number of approvals needed. + type: number + emailAddresses: + description: |- + (List of String) List of emails to request approval from. + List of emails to request approval from. + items: + type: string + type: array + emailListUuid: + description: (String) + type: string + type: object + type: array + approvalRequired: + description: (Boolean) + type: boolean + decision: + description: |- + (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. + Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: PolicyStatus defines the observed state of Policy. - properties: - atProvider: - properties: - id: + exclude: + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + include: + description: |- + (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + name: + description: |- + (String) Friendly name of the Access Policy. + Friendly name of the Access Policy. + type: string + precedence: + description: |- + (Number) The unique precedence for policies on a single application. + The unique precedence for policies on a single application. + type: number + purposeJustificationPrompt: + description: |- + (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. + type: string + purposeJustificationRequired: + description: |- + (Boolean) Whether to prompt the user for a justification for accessing the resource. + Whether to prompt the user for a justification for accessing the resource. + type: boolean + require: + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. + type: object + type: + description: |- + Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + x-kubernetes-validations: + - message: spec.forProvider.decision is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.decision) + || (has(self.initProvider) && has(self.initProvider.decision))' + - message: spec.forProvider.include is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.include) + || (has(self.initProvider) && has(self.initProvider.include))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.precedence is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.precedence) + || (has(self.initProvider) && has(self.initProvider.precedence))' + status: + description: PolicyStatus defines the observed state of Policy. + properties: + atProvider: + properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + applicationId: + description: |- + (String) The ID of the application the policy is associated with. + The ID of the application the policy is associated with. + type: string + approvalGroup: + description: (Block List) (see below for nested schema) + items: + properties: + approvalsNeeded: + description: |- + (Number) Number of approvals needed. + Number of approvals needed. + type: number + emailAddresses: + description: |- + (List of String) List of emails to request approval from. + List of emails to request approval from. + items: + type: string + type: array + emailListUuid: + description: (String) + type: string + type: object + type: array + approvalRequired: + description: (Boolean) + type: boolean + decision: + description: |- + (String) Defines the action Access will take if the policy matches the user. Available values: allow, deny, non_identity, bypass. + Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. + type: string + exclude: + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + id: + description: (String) The ID of this resource. + type: string + include: + description: |- + (Block List, Min: 1) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + name: + description: |- + (String) Friendly name of the Access Policy. + Friendly name of the Access Policy. + type: string + precedence: + description: |- + (Number) The unique precedence for policies on a single application. + The unique precedence for policies on a single application. + type: number + purposeJustificationPrompt: + description: |- + (String) The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required. + The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`. + type: string + purposeJustificationRequired: + description: |- + (Boolean) Whether to prompt the user for a justification for accessing the resource. + Whether to prompt the user for a justification for accessing the resource. + type: boolean + require: + description: |- + (Block List) A series of access conditions, see Access Groups. (see below for nested schema) + A series of access conditions, see [Access Groups](https://registry.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). + items: + properties: + anyValidServiceToken: + description: (Boolean) + type: boolean + authMethod: + description: (String) + type: string + azure: + description: (Block List) (see below for nested schema) + items: + properties: + id: + description: (String) The ID of this resource. + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + certificate: + description: (Boolean) + type: boolean + commonName: + description: (String) + type: string + devicePosture: + description: (List of String) + items: + type: string + type: array + email: + description: (List of String) + items: + type: string + type: array + emailDomain: + description: (List of String) + items: + type: string + type: array + everyone: + description: (Boolean) + type: boolean + externalEvaluation: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + evaluateUrl: + description: (String) + type: string + keysUrl: + description: (String) + type: string + type: object + type: array + geo: + description: (List of String) + items: + type: string + type: array + github: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + type: string + teams: + description: (List of String) + items: + type: string + type: array + type: object + type: array + group: + description: (List of String) + items: + type: string + type: array + gsuite: + description: (Block List) (see below for nested schema) + items: + properties: + email: + description: (List of String) + items: + type: string + type: array + identityProviderId: + description: (String) + type: string + type: object + type: array + ip: + description: (List of String) + items: + type: string + type: array + loginMethod: + description: (List of String) + items: + type: string + type: array + okta: + description: (Block List) (see below for nested schema) + items: + properties: + identityProviderId: + description: (String) + type: string + name: + description: (String) Friendly name of the Access + Policy. + items: + type: string + type: array + type: object + type: array + saml: + description: (Block List) (see below for nested schema) + items: + properties: + attributeName: + description: (String) + type: string + attributeValue: + description: (String) + type: string + identityProviderId: + description: (String) + type: string + type: object + type: array + serviceToken: + description: (List of String) + items: + type: string + type: array + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -865,13 +2292,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -882,8 +2311,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -892,6 +2322,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -900,9 +2333,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_rules.yaml b/package/crds/access.cloudflare.upbound.io_rules.yaml index c91f9e9..27ddc5a 100644 --- a/package/crds/access.cloudflare.upbound.io_rules.yaml +++ b/package/crds/access.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Provides a Cloudflare IP + Firewall Access Rule resource. Access control can be applied on basis of + IP addresses, IP ranges, AS numbers or countries. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,36 +154,37 @@ spec: type: object type: object configuration: - description: Rule configuration to apply to a matched request. - **Modifying this attribute will force creation of a new resource.** + description: |- + (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) + Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** items: properties: target: - description: 'The request property to target. Available - values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying - this attribute will force creation of a new resource.**' + description: |- + (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. + The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** type: string value: - description: The value to target. Depends on target's type. - **Modifying this attribute will force creation of a new - resource.** + description: |- + (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** type: string - required: - - target - - value type: object type: array mode: - description: 'The action to apply to a matched request. Available - values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`.' + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. type: string notes: - description: A personal note about the rule. Typically used as - a reminder or explanation for the rule. + description: |- + (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + A personal note about the rule. Typically used as a reminder or explanation for the rule. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -183,21 +197,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -210,8 +224,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -224,73 +239,262 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - configuration - - mode type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + configuration: + description: |- + (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) + Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** + items: + properties: + target: + description: |- + (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. + The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** + type: string + value: + description: |- + (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** + type: string + type: object + type: array + mode: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. + type: string + notes: + description: |- + (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + A personal note about the rule. Typically used as a reminder or explanation for the rule. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -300,21 +504,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -324,17 +528,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -344,21 +550,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -373,21 +579,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -398,14 +605,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -420,12 +628,60 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.configuration is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.configuration) + || (has(self.initProvider) && has(self.initProvider.configuration))' + - message: spec.forProvider.mode is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.mode) + || (has(self.initProvider) && has(self.initProvider.mode))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + configuration: + description: |- + (Block List, Min: 1, Max: 1) Rule configuration to apply to a matched request. Modifying this attribute will force creation of a new resource. (see below for nested schema) + Rule configuration to apply to a matched request. **Modifying this attribute will force creation of a new resource.** + items: + properties: + target: + description: |- + (String) The request property to target. Available values: ip, ip6, ip_range, asn, country. Modifying this attribute will force creation of a new resource. + The request property to target. Available values: `ip`, `ip6`, `ip_range`, `asn`, `country`. **Modifying this attribute will force creation of a new resource.** + type: string + value: + description: |- + (String) The value to target. Depends on target's type. Modifying this attribute will force creation of a new resource. + The value to target. Depends on target's type. **Modifying this attribute will force creation of a new resource.** + type: string + type: object + type: array id: + description: (String) The ID of this resource. + type: string + mode: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, whitelist, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `whitelist`, `js_challenge`, `managed_challenge`. + type: string + notes: + description: |- + (String) A personal note about the rule. Typically used as a reminder or explanation for the rule. + A personal note about the rule. Typically used as a reminder or explanation for the rule. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -434,13 +690,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -451,8 +709,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -461,6 +720,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -469,9 +731,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/access.cloudflare.upbound.io_servicetokens.yaml b/package/crds/access.cloudflare.upbound.io_servicetokens.yaml index 26aa79f..9467247 100644 --- a/package/crds/access.cloudflare.upbound.io_servicetokens.yaml +++ b/package/crds/access.cloudflare.upbound.io_servicetokens.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: servicetokens.access.cloudflare.upbound.io spec: group: access.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: ServiceToken is the Schema for the ServiceTokens API. + description: ServiceToken is the Schema for the ServiceTokens API. Access + Service Tokens are used for service-to-service communication when an application + is behind Cloudflare Access. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,14 +154,17 @@ spec: type: object type: object minDaysForRenewal: - description: Defaults to `0`. + description: Defaults to 0. Defaults to `0`. type: number name: - description: Friendly name of the token's intent. + description: |- + (String) Friendly name of the token's intent. + Friendly name of the token's intent. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -161,21 +177,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -188,8 +204,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -202,72 +219,242 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + minDaysForRenewal: + description: Defaults to 0. Defaults to `0`. + type: number + name: + description: |- + (String) Friendly name of the token's intent. + Friendly name of the token's intent. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -277,21 +464,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -301,17 +488,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -321,21 +510,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -350,21 +539,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -375,14 +565,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -397,19 +588,46 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: ServiceTokenStatus defines the observed state of ServiceToken. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string clientId: - description: UUID client ID associated with the Service Token. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) UUID client ID associated with the Service Token. Modifying this attribute will force creation of a new resource. + UUID client ID associated with the Service Token. **Modifying this attribute will force creation of a new resource.** type: string expiresAt: - description: Date when the token expires. + description: |- + (String) Date when the token expires. + Date when the token expires. type: string id: + description: (String) The ID of this resource. + type: string + minDaysForRenewal: + description: Defaults to 0. Defaults to `0`. + type: number + name: + description: |- + (String) Friendly name of the token's intent. + Friendly name of the token's intent. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string type: object conditions: @@ -418,13 +636,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -435,8 +655,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -445,6 +666,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -453,9 +677,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/account.cloudflare.upbound.io_accounts.yaml b/package/crds/account.cloudflare.upbound.io_accounts.yaml index 09d9cde..914d41b 100644 --- a/package/crds/account.cloudflare.upbound.io_accounts.yaml +++ b/package/crds/account.cloudflare.upbound.io_accounts.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: accounts.account.cloudflare.upbound.io spec: group: account.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Account is the Schema for the Accounts API. + description: Account is the Schema for the Accounts API. Provides a Cloudflare + Account resource. Account is the basic resource for working with Cloudflare + zones, teams and users. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,63 +75,84 @@ spec: forProvider: properties: enforceTwofactor: - description: Whether 2FA is enforced on the account. Defaults - to `false`. + description: |- + (Boolean) Whether 2FA is enforced on the account. Defaults to false. + Whether 2FA is enforced on the account. Defaults to `false`. type: boolean name: - description: The name of the account that is displayed in the - Cloudflare dashboard. + description: |- + (String) The name of the account that is displayed in the Cloudflare dashboard. + The name of the account that is displayed in the Cloudflare dashboard. type: string type: - description: 'Account type. Available values: `enterprise`, `standard`. - Defaults to `standard`. **Modifying this attribute will force - creation of a new resource.**' + description: |- + (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. + Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** type: string - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + enforceTwofactor: + description: |- + (Boolean) Whether 2FA is enforced on the account. Defaults to false. + Whether 2FA is enforced on the account. Defaults to `false`. + type: boolean name: - description: Name of the referenced object. + description: |- + (String) The name of the account that is displayed in the Cloudflare dashboard. + The name of the account that is displayed in the Cloudflare dashboard. + type: string + type: + description: |- + (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. + Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -130,21 +162,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -154,17 +186,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -174,21 +208,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -203,21 +237,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -228,14 +263,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -250,12 +286,33 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: AccountStatus defines the observed state of Account. properties: atProvider: properties: + enforceTwofactor: + description: |- + (Boolean) Whether 2FA is enforced on the account. Defaults to false. + Whether 2FA is enforced on the account. Defaults to `false`. + type: boolean id: + description: (String) The ID of this resource. + type: string + name: + description: |- + (String) The name of the account that is displayed in the Cloudflare dashboard. + The name of the account that is displayed in the Cloudflare dashboard. + type: string + type: + description: |- + (String) Account type. Available values: enterprise, standard. Defaults to standard. Modifying this attribute will force creation of a new resource. + Account type. Available values: `enterprise`, `standard`. Defaults to `standard`. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -264,13 +321,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -281,8 +340,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -291,6 +351,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -299,9 +362,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/account.cloudflare.upbound.io_apitokens.yaml b/package/crds/account.cloudflare.upbound.io_apitokens.yaml index 19c7ca1..b6c519c 100644 --- a/package/crds/account.cloudflare.upbound.io_apitokens.yaml +++ b/package/crds/account.cloudflare.upbound.io_apitokens.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: apitokens.account.cloudflare.upbound.io spec: group: account.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: APIToken is the Schema for the APITokens API. + description: APIToken is the Schema for the APITokens API. Provides a resource + which manages Cloudflare API tokens. Read more about permission groups and + their applicable scopes in the developer documentation https://developers.cloudflare.com/api/tokens/create/permissions. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,114 +75,206 @@ spec: forProvider: properties: condition: - description: Conditions under which the token should be considered - valid. + description: |- + (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) + Conditions under which the token should be considered valid. items: properties: requestIp: - description: Request IP related conditions. + description: |- + (Block List, Max: 1) Request IP related conditions. (see below for nested schema) + Request IP related conditions. items: properties: in: - description: List of IP addresses or CIDR notation - where the token may be used from. If not specified, - the token will be valid for all IP addresses. + description: |- + (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. items: type: string type: array + x-kubernetes-list-type: set notIn: - description: List of IP addresses or CIDR notation - where the token should not be used from. + description: |- + (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + List of IP addresses or CIDR notation where the token should not be used from. items: type: string type: array + x-kubernetes-list-type: set type: object type: array type: object type: array expiresOn: - description: The expiration time on or after which the token MUST - NOT be accepted for processing. + description: |- + (String) The expiration time on or after which the token MUST NOT be accepted for processing. + The expiration time on or after which the token MUST NOT be accepted for processing. type: string name: - description: Name of the API Token. + description: |- + (String) Name of the API Token. + Name of the API Token. type: string notBefore: - description: The time before which the token MUST NOT be accepted - for processing. + description: |- + (String) The time before which the token MUST NOT be accepted for processing. + The time before which the token MUST NOT be accepted for processing. type: string policy: - description: Permissions policy. Multiple policy blocks can be - defined. + description: |- + (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) + Permissions policy. Multiple policy blocks can be defined. items: properties: effect: - description: 'Effect of the policy. Available values: `allow`, - `deny`. Defaults to `allow`.' + description: |- + (String) Effect of the policy. Available values: allow, deny. Defaults to allow. + Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. type: string permissionGroups: - description: List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) - for more information. + description: |- + (Set of String) List of permissions groups IDs. See documentation for more information. + List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. items: type: string type: array + x-kubernetes-list-type: set resources: additionalProperties: type: string - description: Describes what operations against which resources - are allowed or denied. + description: |- + (Map of String) Describes what operations against which resources are allowed or denied. + Describes what operations against which resources are allowed or denied. type: object - required: - - permissionGroups - - resources + x-kubernetes-map-type: granular type: object type: array - required: - - name - - policy type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + condition: + description: |- + (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) + Conditions under which the token should be considered valid. + items: + properties: + requestIp: + description: |- + (Block List, Max: 1) Request IP related conditions. (see below for nested schema) + Request IP related conditions. + items: + properties: + in: + description: |- + (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + items: + type: string + type: array + x-kubernetes-list-type: set + notIn: + description: |- + (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + List of IP addresses or CIDR notation where the token should not be used from. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + type: object + type: array + expiresOn: + description: |- + (String) The expiration time on or after which the token MUST NOT be accepted for processing. + The expiration time on or after which the token MUST NOT be accepted for processing. + type: string name: - description: Name of the referenced object. + description: |- + (String) Name of the API Token. + Name of the API Token. + type: string + notBefore: + description: |- + (String) The time before which the token MUST NOT be accepted for processing. + The time before which the token MUST NOT be accepted for processing. type: string policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name + description: |- + (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) + Permissions policy. Multiple policy blocks can be defined. + items: + properties: + effect: + description: |- + (String) Effect of the policy. Available values: allow, deny. Defaults to allow. + Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. + type: string + permissionGroups: + description: |- + (Set of String) List of permissions groups IDs. See documentation for more information. + List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. + items: + type: string + type: array + x-kubernetes-list-type: set + resources: + additionalProperties: + type: string + description: |- + (Map of String) Describes what operations against which resources are allowed or denied. + Describes what operations against which resources are allowed or denied. + type: object + x-kubernetes-map-type: granular + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -181,21 +284,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -205,17 +308,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -225,21 +330,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -254,21 +359,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -279,14 +385,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -301,20 +408,111 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.policy is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.policy) + || (has(self.initProvider) && has(self.initProvider.policy))' status: description: APITokenStatus defines the observed state of APIToken. properties: atProvider: properties: + condition: + description: |- + (Block List, Max: 1) Conditions under which the token should be considered valid. (see below for nested schema) + Conditions under which the token should be considered valid. + items: + properties: + requestIp: + description: |- + (Block List, Max: 1) Request IP related conditions. (see below for nested schema) + Request IP related conditions. + items: + properties: + in: + description: |- + (Set of String) List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. + items: + type: string + type: array + x-kubernetes-list-type: set + notIn: + description: |- + (Set of String) List of IP addresses or CIDR notation where the token should not be used from. + List of IP addresses or CIDR notation where the token should not be used from. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + type: object + type: array + expiresOn: + description: |- + (String) The expiration time on or after which the token MUST NOT be accepted for processing. + The expiration time on or after which the token MUST NOT be accepted for processing. + type: string id: + description: (String) The ID of this resource. type: string issuedOn: - description: Timestamp of when the token was issued. + description: |- + (String) Timestamp of when the token was issued. + Timestamp of when the token was issued. type: string modifiedOn: - description: Timestamp of when the token was last modified. + description: |- + (String) Timestamp of when the token was last modified. + Timestamp of when the token was last modified. type: string + name: + description: |- + (String) Name of the API Token. + Name of the API Token. + type: string + notBefore: + description: |- + (String) The time before which the token MUST NOT be accepted for processing. + The time before which the token MUST NOT be accepted for processing. + type: string + policy: + description: |- + (Block Set, Min: 1) Permissions policy. Multiple policy blocks can be defined. (see below for nested schema) + Permissions policy. Multiple policy blocks can be defined. + items: + properties: + effect: + description: |- + (String) Effect of the policy. Available values: allow, deny. Defaults to allow. + Effect of the policy. Available values: `allow`, `deny`. Defaults to `allow`. + type: string + permissionGroups: + description: |- + (Set of String) List of permissions groups IDs. See documentation for more information. + List of permissions groups IDs. See [documentation](https://developers.cloudflare.com/api/tokens/create/permissions) for more information. + items: + type: string + type: array + x-kubernetes-list-type: set + resources: + additionalProperties: + type: string + description: |- + (Map of String) Describes what operations against which resources are allowed or denied. + Describes what operations against which resources are allowed or denied. + type: object + x-kubernetes-map-type: granular + type: object + type: array status: + description: (String) type: string type: object conditions: @@ -323,13 +521,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -340,8 +540,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -350,6 +551,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -358,9 +562,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/account.cloudflare.upbound.io_members.yaml b/package/crds/account.cloudflare.upbound.io_members.yaml index 1576117..0078779 100644 --- a/package/crds/account.cloudflare.upbound.io_members.yaml +++ b/package/crds/account.cloudflare.upbound.io_members.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: members.account.cloudflare.upbound.io spec: group: account.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Member is the Schema for the Members API. + description: Member is the Schema for the Members API. Provides a resource + which manages Cloudflare account members. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: Account ID to create the account member in. + description: |- + (String) Account ID to create the account member in. + Account ID to create the account member in. type: string accountIdRef: description: Reference to a Account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,66 +153,169 @@ spec: type: object type: object emailAddress: - description: The email address of the user who you wish to manage. - Following creation, this field becomes read only via the API - and cannot be updated. + description: |- + (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. type: string roleIds: - description: List of account role IDs that you want to assign - to a member. + description: |- + (Set of String) List of account role IDs that you want to assign to a member. + List of account role IDs that you want to assign to a member. items: type: string type: array + x-kubernetes-list-type: set status: - description: 'A member''s status in the account. Available values: - `accepted`, `pending`.' + description: |- + (String) A member's status in the account. Available values: accepted, pending. + A member's status in the account. Available values: `accepted`, `pending`. type: string - required: - - emailAddress - - roleIds type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) Account ID to create the account member in. + Account ID to create the account member in. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + emailAddress: + description: |- + (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + type: string + roleIds: + description: |- + (Set of String) List of account role IDs that you want to assign to a member. + List of account role IDs that you want to assign to a member. + items: + type: string + type: array + x-kubernetes-list-type: set + status: + description: |- + (String) A member's status in the account. Available values: accepted, pending. + A member's status in the account. Available values: `accepted`, `pending`. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -209,21 +325,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -233,17 +349,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -253,21 +371,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -282,21 +400,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -307,14 +426,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -329,12 +449,45 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.emailAddress is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.emailAddress) + || (has(self.initProvider) && has(self.initProvider.emailAddress))' + - message: spec.forProvider.roleIds is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.roleIds) + || (has(self.initProvider) && has(self.initProvider.roleIds))' status: description: MemberStatus defines the observed state of Member. properties: atProvider: properties: + accountId: + description: |- + (String) Account ID to create the account member in. + Account ID to create the account member in. + type: string + emailAddress: + description: |- + (String) The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + The email address of the user who you wish to manage. Following creation, this field becomes read only via the API and cannot be updated. + type: string id: + description: (String) The ID of this resource. + type: string + roleIds: + description: |- + (Set of String) List of account role IDs that you want to assign to a member. + List of account role IDs that you want to assign to a member. + items: + type: string + type: array + x-kubernetes-list-type: set + status: + description: |- + (String) A member's status in the account. Available values: accepted, pending. + A member's status in the account. Available values: `accepted`, `pending`. type: string type: object conditions: @@ -343,13 +496,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -360,8 +515,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -370,6 +526,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -378,9 +537,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/apishield.cloudflare.upbound.io_apishields.yaml b/package/crds/apishield.cloudflare.upbound.io_apishields.yaml index bfdb66a..1ba9c2c 100644 --- a/package/crds/apishield.cloudflare.upbound.io_apishields.yaml +++ b/package/crds/apishield.cloudflare.upbound.io_apishields.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: apishields.apishield.cloudflare.upbound.io spec: group: apishield.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: APIShield is the Schema for the APIShields API. + description: APIShield is the Schema for the APIShields API. Provides a resource + to manage API Shield configurations. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,22 +74,27 @@ spec: forProvider: properties: authIdCharacteristics: - description: Characteristics define properties across which auth-ids - can be computed in a privacy-preserving manner. + description: |- + ids can be computed in a privacy-preserving manner. (see below for nested schema) + Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. items: properties: name: - description: The name of the characteristic. + description: |- + (String) The name of the characteristic. + The name of the characteristic. type: string type: - description: 'The type of characteristic. Available values: - `header`, `cookie`.' + description: |- + (String) The type of characteristic. Available values: header, cookie. + The type of characteristic. Available values: `header`, `cookie`. type: string type: object type: array zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -92,21 +107,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -119,8 +134,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -133,21 +149,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -155,48 +171,151 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + authIdCharacteristics: + description: |- + ids can be computed in a privacy-preserving manner. (see below for nested schema) + Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. + items: + properties: + name: + description: |- + (String) The name of the characteristic. + The name of the characteristic. + type: string + type: + description: |- + (String) The type of characteristic. Available values: header, cookie. + The type of characteristic. Available values: `header`, `cookie`. + type: string + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -206,21 +325,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -230,17 +349,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -250,21 +371,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -279,21 +400,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -304,14 +426,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -331,7 +454,31 @@ spec: properties: atProvider: properties: + authIdCharacteristics: + description: |- + ids can be computed in a privacy-preserving manner. (see below for nested schema) + Characteristics define properties across which auth-ids can be computed in a privacy-preserving manner. + items: + properties: + name: + description: |- + (String) The name of the characteristic. + The name of the characteristic. + type: string + type: + description: |- + (String) The type of characteristic. Available values: header, cookie. + The type of characteristic. Available values: `header`, `cookie`. + type: string + type: object + type: array id: + description: (String) The ID of this resource. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -340,13 +487,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -357,8 +506,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -367,6 +517,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -375,9 +528,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/argo.cloudflare.upbound.io_argoes.yaml b/package/crds/argo.cloudflare.upbound.io_argoes.yaml index 9a34eb8..dd1dd6f 100644 --- a/package/crds/argo.cloudflare.upbound.io_argoes.yaml +++ b/package/crds/argo.cloudflare.upbound.io_argoes.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: argoes.argo.cloudflare.upbound.io spec: group: argo.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Argo is the Schema for the Argos API. + description: Argo is the Schema for the Argos API. Cloudflare Argo controls + the routing to your origin and tiered caching options to speed up your website + browsing experience. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,15 +75,19 @@ spec: forProvider: properties: smartRouting: - description: 'Whether smart routing is enabled. Available values: - `on`, `off`.' + description: |- + (String) Whether smart routing is enabled. Available values: on, off. + Whether smart routing is enabled. Available values: `on`, `off`. type: string tieredCaching: - description: 'Whether tiered caching is enabled. Available values: - `on`, `off`.' + description: |- + (String) Whether tiered caching is enabled. Available values: on, off. + Whether tiered caching is enabled. Available values: `on`, `off`. type: string zoneId: - description: The zone identifier to target for the resource. + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -85,21 +100,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -112,8 +127,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -126,21 +142,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -148,48 +164,143 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + smartRouting: + description: |- + (String) Whether smart routing is enabled. Available values: on, off. + Whether smart routing is enabled. Available values: `on`, `off`. type: string - policy: - description: Policies for referencing. + tieredCaching: + description: |- + (String) Whether tiered caching is enabled. Available values: on, off. + Whether tiered caching is enabled. Available values: `on`, `off`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -199,21 +310,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -223,17 +334,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -243,21 +356,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -272,21 +385,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -297,14 +411,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -325,6 +440,22 @@ spec: atProvider: properties: id: + description: (String) The ID of this resource. + type: string + smartRouting: + description: |- + (String) Whether smart routing is enabled. Available values: on, off. + Whether smart routing is enabled. Available values: `on`, `off`. + type: string + tieredCaching: + description: |- + (String) Whether tiered caching is enabled. Available values: on, off. + Whether tiered caching is enabled. Available values: `on`, `off`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string type: object conditions: @@ -333,13 +464,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -350,8 +483,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -360,6 +494,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -368,9 +505,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/argo.cloudflare.upbound.io_tunnelconfigs.yaml b/package/crds/argo.cloudflare.upbound.io_tunnelconfigs.yaml index 9ef1492..d772d22 100644 --- a/package/crds/argo.cloudflare.upbound.io_tunnelconfigs.yaml +++ b/package/crds/argo.cloudflare.upbound.io_tunnelconfigs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tunnelconfigs.argo.cloudflare.upbound.io spec: group: argo.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: TunnelConfig is the Schema for the TunnelConfigs API. + description: TunnelConfig is the Schema for the TunnelConfigs API. Provides + a Cloudflare Tunnel configuration resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,152 +153,160 @@ spec: type: object type: object config: - description: Configuration block for Tunnel Configuration. + description: |- + (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) + Configuration block for Tunnel Configuration. items: properties: ingressRule: - description: Each incoming request received by cloudflared - causes cloudflared to send a request to a local service. - This section configures the rules that determine which - requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). + description: |- + (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) + Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). items: properties: hostname: - description: Hostname to match the incoming request - with. If the hostname matches, the request will - be sent to the service. + description: |- + (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. type: string path: - description: Path of the incoming request. If the - path matches, the request will be sent to the local - service. + description: |- + (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + Path of the incoming request. If the path matches, the request will be sent to the local service. type: string service: - description: Name of the service to which the request - will be sent. + description: |- + (String) Name of the service to which the request will be sent. + Name of the service to which the request will be sent. type: string - required: - - service type: object type: array originRequest: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: bastionMode: - description: Runs as jump host. + description: |- + (Boolean) Runs as jump host. + Runs as jump host. type: boolean caPool: - description: Path to the certificate authority (CA) - for the certificate of your origin. This option - should be used only if your certificate is not signed - by Cloudflare. Defaults to `""`. + description: |- + (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. type: string connectTimeout: - description: Timeout for establishing a new TCP connection - to your origin server. This excludes the time taken - to establish TLS, which is controlled by `tlsTimeout`. - Defaults to `30s`. + description: |- + (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. type: string disableChunkedEncoding: - description: Disables chunked transfer encoding. Useful - if you are running a Web Server Gateway Interface - (WSGI) server. Defaults to `false`. + description: |- + (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. type: boolean httpHostHeader: - description: Sets the HTTP Host header on requests - sent to the local service. Defaults to `""`. + description: |- + (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. type: string ipRules: - description: IP rules for the proxy service. + description: |- + (Block Set) IP rules for the proxy service. (see below for nested schema) + IP rules for the proxy service. items: properties: allow: - description: Whether to allow the IP prefix. + description: |- + (Boolean) Whether to allow the IP prefix. + Whether to allow the IP prefix. type: boolean ports: - description: Ports to use within the IP rule. + description: |- + (List of Number) Ports to use within the IP rule. + Ports to use within the IP rule. items: type: number type: array prefix: - description: IP rule prefix. + description: |- + (String) IP rule prefix. + IP rule prefix. type: string type: object type: array keepAliveConnections: - description: Maximum number of idle keepalive connections - between Tunnel and your origin. This does not restrict - the total number of concurrent connections. Defaults - to `100`. + description: |- + (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. type: number keepAliveTimeout: - description: Timeout after which an idle keepalive - connection can be discarded. Defaults to `1m30s`. + description: |- + (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. type: string noHappyEyeballs: - description: Disable the “happy eyeballs” algorithm - for IPv4/IPv6 fallback if your local network has - misconfigured one of the protocols. Defaults to - `false`. + description: |- + (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. type: boolean noTlsVerify: - description: Disables TLS verification of the certificate - presented by your origin. Will allow any certificate - from the origin to be accepted. Defaults to `false`. + description: |- + (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. type: boolean originServerName: - description: Hostname that cloudflared should expect - from your origin server certificate. Defaults to - `""`. + description: |- + (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. type: string proxyAddress: - description: cloudflared starts a proxy server to - translate HTTP traffic into TCP when proxying, for - example, SSH or RDP. This configures the listen - address for that proxy. Defaults to `127.0.0.1`. + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. type: string proxyPort: - description: cloudflared starts a proxy server to - translate HTTP traffic into TCP when proxying, for - example, SSH or RDP. This configures the listen - port for that proxy. If set to zero, an unused port - will randomly be chosen. Defaults to `0`. + description: |- + (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. type: number proxyType: - description: 'cloudflared starts a proxy server to - translate HTTP traffic into TCP when proxying, for - example, SSH or RDP. This configures what type of - proxy will be started. Available values: “, `socks`. - Defaults to `""`.' + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. type: string tcpKeepAlive: - description: The timeout after which a TCP keepalive - packet is sent on a connection between Tunnel and - the origin server. Defaults to `30s`. + description: |- + (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. type: string tlsTimeout: - description: Timeout for completing a TLS handshake - to your origin server, if you have chosen to connect - Tunnel to an HTTPS server. Defaults to `10s`. + description: |- + (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. type: string type: object type: array warpRouting: - description: If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), - you need to add the `warp-routing` key and set it to `true`. + description: |- + routing key and set it to true. (see below for nested schema) + If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. items: properties: enabled: - description: Whether WARP routing is enabled. + description: |- + (Boolean) Whether WARP routing is enabled. + Whether WARP routing is enabled. type: boolean type: object type: array - required: - - ingressRule type: object type: array tunnelId: - description: Identifier of the Tunnel to target for this configuration. + description: |- + (String) Identifier of the Tunnel to target for this configuration. + Identifier of the Tunnel to target for this configuration. type: string tunnelIdRef: description: Reference to a Tunnel to populate tunnelId. @@ -298,21 +319,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -325,8 +346,9 @@ spec: description: Selector for a Tunnel to populate tunnelId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -339,72 +361,385 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - config type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + config: + description: |- + (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) + Configuration block for Tunnel Configuration. + items: + properties: + ingressRule: + description: |- + (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) + Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). + items: + properties: + hostname: + description: |- + (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + type: string + path: + description: |- + (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + Path of the incoming request. If the path matches, the request will be sent to the local service. + type: string + service: + description: |- + (String) Name of the service to which the request will be sent. + Name of the service to which the request will be sent. + type: string + type: object + type: array + originRequest: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + bastionMode: + description: |- + (Boolean) Runs as jump host. + Runs as jump host. + type: boolean + caPool: + description: |- + (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. + type: string + connectTimeout: + description: |- + (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. + type: string + disableChunkedEncoding: + description: |- + (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. + type: boolean + httpHostHeader: + description: |- + (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. + type: string + ipRules: + description: |- + (Block Set) IP rules for the proxy service. (see below for nested schema) + IP rules for the proxy service. + items: + properties: + allow: + description: |- + (Boolean) Whether to allow the IP prefix. + Whether to allow the IP prefix. + type: boolean + ports: + description: |- + (List of Number) Ports to use within the IP rule. + Ports to use within the IP rule. + items: + type: number + type: array + prefix: + description: |- + (String) IP rule prefix. + IP rule prefix. + type: string + type: object + type: array + keepAliveConnections: + description: |- + (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. + type: number + keepAliveTimeout: + description: |- + (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. + type: string + noHappyEyeballs: + description: |- + (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. + type: boolean + noTlsVerify: + description: |- + (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. + type: boolean + originServerName: + description: |- + (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. + type: string + proxyAddress: + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. + type: string + proxyPort: + description: |- + (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. + type: number + proxyType: + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. + type: string + tcpKeepAlive: + description: |- + (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. + type: string + tlsTimeout: + description: |- + (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. + type: string + type: object + type: array + warpRouting: + description: |- + routing key and set it to true. (see below for nested schema) + If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. + items: + properties: + enabled: + description: |- + (Boolean) Whether WARP routing is enabled. + Whether WARP routing is enabled. + type: boolean + type: object + type: array + type: object + type: array + tunnelId: + description: |- + (String) Identifier of the Tunnel to target for this configuration. + Identifier of the Tunnel to target for this configuration. + type: string + tunnelIdRef: + description: Reference to a Tunnel to populate tunnelId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + tunnelIdSelector: + description: Selector for a Tunnel to populate tunnelId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -414,21 +749,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -438,17 +773,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -458,21 +795,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -487,21 +824,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -512,14 +850,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -534,12 +873,179 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.config is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.config) + || (has(self.initProvider) && has(self.initProvider.config))' status: description: TunnelConfigStatus defines the observed state of TunnelConfig. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + config: + description: |- + (Block List, Min: 1, Max: 1) Configuration block for Tunnel Configuration. (see below for nested schema) + Configuration block for Tunnel Configuration. + items: + properties: + ingressRule: + description: |- + (Block List, Min: 1) Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more. (see below for nested schema) + Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. [Read more](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/). + items: + properties: + hostname: + description: |- + (String) Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + Hostname to match the incoming request with. If the hostname matches, the request will be sent to the service. + type: string + path: + description: |- + (String) Path of the incoming request. If the path matches, the request will be sent to the local service. + Path of the incoming request. If the path matches, the request will be sent to the local service. + type: string + service: + description: |- + (String) Name of the service to which the request will be sent. + Name of the service to which the request will be sent. + type: string + type: object + type: array + originRequest: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + bastionMode: + description: |- + (Boolean) Runs as jump host. + Runs as jump host. + type: boolean + caPool: + description: |- + (String) Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to "". + Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. Defaults to `""`. + type: string + connectTimeout: + description: |- + (String) Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. Defaults to 30s. + Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by `tlsTimeout`. Defaults to `30s`. + type: string + disableChunkedEncoding: + description: |- + (Boolean) Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to false. + Disables chunked transfer encoding. Useful if you are running a Web Server Gateway Interface (WSGI) server. Defaults to `false`. + type: boolean + httpHostHeader: + description: |- + (String) Sets the HTTP Host header on requests sent to the local service. Defaults to "". + Sets the HTTP Host header on requests sent to the local service. Defaults to `""`. + type: string + ipRules: + description: |- + (Block Set) IP rules for the proxy service. (see below for nested schema) + IP rules for the proxy service. + items: + properties: + allow: + description: |- + (Boolean) Whether to allow the IP prefix. + Whether to allow the IP prefix. + type: boolean + ports: + description: |- + (List of Number) Ports to use within the IP rule. + Ports to use within the IP rule. + items: + type: number + type: array + prefix: + description: |- + (String) IP rule prefix. + IP rule prefix. + type: string + type: object + type: array + keepAliveConnections: + description: |- + (Number) Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to 100. + Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. Defaults to `100`. + type: number + keepAliveTimeout: + description: |- + (String) Timeout after which an idle keepalive connection can be discarded. Defaults to 1m30s. + Timeout after which an idle keepalive connection can be discarded. Defaults to `1m30s`. + type: string + noHappyEyeballs: + description: |- + (Boolean) Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to false. + Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. Defaults to `false`. + type: boolean + noTlsVerify: + description: |- + (Boolean) Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to false. + Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. Defaults to `false`. + type: boolean + originServerName: + description: |- + (String) Hostname that cloudflared should expect from your origin server certificate. Defaults to "". + Hostname that cloudflared should expect from your origin server certificate. Defaults to `""`. + type: string + proxyAddress: + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to 127.0.0.1. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy. Defaults to `127.0.0.1`. + type: string + proxyPort: + description: |- + (Number) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to 0. + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen. Defaults to `0`. + type: number + proxyType: + description: |- + (String) cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, socks. Defaults to "". + cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Available values: “, `socks`. Defaults to `""`. + type: string + tcpKeepAlive: + description: |- + (String) The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to 30s. + The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. Defaults to `30s`. + type: string + tlsTimeout: + description: |- + (String) Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to 10s. + Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. Defaults to `10s`. + type: string + type: object + type: array + warpRouting: + description: |- + routing key and set it to true. (see below for nested schema) + If you're exposing a [private network](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/), you need to add the `warp-routing` key and set it to `true`. + items: + properties: + enabled: + description: |- + (Boolean) Whether WARP routing is enabled. + Whether WARP routing is enabled. + type: boolean + type: object + type: array + type: object + type: array id: + description: (String) The ID of this resource. + type: string + tunnelId: + description: |- + (String) Identifier of the Tunnel to target for this configuration. + Identifier of the Tunnel to target for this configuration. type: string type: object conditions: @@ -548,13 +1054,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -565,8 +1073,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -575,6 +1084,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -583,9 +1095,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/argo.cloudflare.upbound.io_tunnelroutes.yaml b/package/crds/argo.cloudflare.upbound.io_tunnelroutes.yaml index 17ccec6..b650a8d 100644 --- a/package/crds/argo.cloudflare.upbound.io_tunnelroutes.yaml +++ b/package/crds/argo.cloudflare.upbound.io_tunnelroutes.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tunnelroutes.argo.cloudflare.upbound.io spec: group: argo.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: TunnelRoute is the Schema for the TunnelRoutes API. + description: TunnelRoute is the Schema for the TunnelRoutes API. Provides + a resource, that manages Cloudflare tunnel routes for Zero Trust. Tunnel + routes are used to direct IP traffic through Cloudflare Tunnels. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,15 +154,19 @@ spec: type: object type: object comment: - description: Description of the tunnel route. + description: |- + (String) Description of the tunnel route. + Description of the tunnel route. type: string network: - description: The IPv4 or IPv6 network that should use this tunnel - route, in CIDR notation. + description: |- + (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. type: string tunnelId: - description: The ID of the tunnel that will service the tunnel - route. + description: |- + (String) The ID of the tunnel that will service the tunnel route. + The ID of the tunnel that will service the tunnel route. type: string tunnelIdRef: description: Reference to a Tunnel to populate tunnelId. @@ -162,21 +179,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -189,8 +206,9 @@ spec: description: Selector for a Tunnel to populate tunnelId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -203,21 +221,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -225,10 +243,9 @@ spec: type: object type: object virtualNetworkId: - description: The ID of the virtual network for which this route - is being added; uses the default virtual network of the account - if none is provided. **Modifying this attribute will force creation - of a new resource.** + description: |- + (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** type: string virtualNetworkIdRef: description: Reference to a TunnelVirtualNetwork to populate virtualNetworkId. @@ -241,21 +258,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -268,8 +285,9 @@ spec: description: Selector for a TunnelVirtualNetwork to populate virtualNetworkId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -282,72 +300,323 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - network type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + comment: + description: |- + (String) Description of the tunnel route. + Description of the tunnel route. + type: string + network: + description: |- + (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + type: string + tunnelId: + description: |- + (String) The ID of the tunnel that will service the tunnel route. + The ID of the tunnel that will service the tunnel route. + type: string + tunnelIdRef: + description: Reference to a Tunnel to populate tunnelId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + tunnelIdSelector: + description: Selector for a Tunnel to populate tunnelId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + virtualNetworkId: + description: |- + (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** + type: string + virtualNetworkIdRef: + description: Reference to a TunnelVirtualNetwork to populate virtualNetworkId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + virtualNetworkIdSelector: + description: Selector for a TunnelVirtualNetwork to populate virtualNetworkId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -357,21 +626,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -381,17 +650,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -401,21 +672,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -430,21 +701,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -455,14 +727,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -477,12 +750,43 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.network is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.network) + || (has(self.initProvider) && has(self.initProvider.network))' status: description: TunnelRouteStatus defines the observed state of TunnelRoute. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + comment: + description: |- + (String) Description of the tunnel route. + Description of the tunnel route. + type: string id: + description: (String) The ID of this resource. + type: string + network: + description: |- + (String) The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + The IPv4 or IPv6 network that should use this tunnel route, in CIDR notation. + type: string + tunnelId: + description: |- + (String) The ID of the tunnel that will service the tunnel route. + The ID of the tunnel that will service the tunnel route. + type: string + virtualNetworkId: + description: |- + (String) The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. Modifying this attribute will force creation of a new resource. + The ID of the virtual network for which this route is being added; uses the default virtual network of the account if none is provided. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -491,13 +795,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -508,8 +814,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -518,6 +825,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -526,9 +836,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/argo.cloudflare.upbound.io_tunnels.yaml b/package/crds/argo.cloudflare.upbound.io_tunnels.yaml index d2f8a4a..ceff98e 100644 --- a/package/crds/argo.cloudflare.upbound.io_tunnels.yaml +++ b/package/crds/argo.cloudflare.upbound.io_tunnels.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tunnels.argo.cloudflare.upbound.io spec: group: argo.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Tunnel is the Schema for the Tunnels API. + description: Tunnel is the Schema for the Tunnels API. Provides the ability + to manage Cloudflare Argo Tunnels. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + The Cloudflare account ID that you wish to manage the Argo Tunnel on. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,12 +153,14 @@ spec: type: object type: object name: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + A user-friendly name chosen when the tunnel is created. Cannot be empty. + **Modifying this attribute will force creation of a new resource.** type: string secretSecretRef: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + 32 or more bytes, encoded as a base64 string. The Create Argo Tunnel endpoint sets this as the tunnel's password. Anyone wishing to run the tunnel needs this password. + **Modifying this attribute will force creation of a new resource.** properties: key: description: The key to select. @@ -162,52 +176,139 @@ spec: - name - namespace type: object - required: - - name - - secretSecretRef type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The Cloudflare account ID that you wish to manage the Argo Tunnel on. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + name: + description: |- + A user-friendly name chosen when the tunnel is created. Cannot be empty. + **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -217,21 +318,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -241,17 +342,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -261,21 +364,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -290,21 +393,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -315,14 +419,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -337,16 +442,37 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.secretSecretRef is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.secretSecretRef)' status: description: TunnelStatus defines the observed state of Tunnel. properties: atProvider: properties: + accountId: + description: |- + The Cloudflare account ID that you wish to manage the Argo Tunnel on. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string cname: + description: Usable CNAME for accessing the Argo Tunnel. type: string id: type: string + name: + description: |- + A user-friendly name chosen when the tunnel is created. Cannot be empty. + **Modifying this attribute will force creation of a new resource.** + type: string tunnelToken: + description: Token used by a connector to authenticate and run + the tunnel. type: string type: object conditions: @@ -355,13 +481,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -372,8 +500,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -382,6 +511,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -390,9 +522,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/argo.cloudflare.upbound.io_tunnelvirtualnetworks.yaml b/package/crds/argo.cloudflare.upbound.io_tunnelvirtualnetworks.yaml index c8245c5..edd50a3 100644 --- a/package/crds/argo.cloudflare.upbound.io_tunnelvirtualnetworks.yaml +++ b/package/crds/argo.cloudflare.upbound.io_tunnelvirtualnetworks.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tunnelvirtualnetworks.argo.cloudflare.upbound.io spec: group: argo.cloudflare.upbound.io @@ -36,17 +35,25 @@ spec: schema: openAPIV3Schema: description: TunnelVirtualNetwork is the Schema for the TunnelVirtualNetworks - API. + API. Provides a resource, that manages Cloudflare tunnel virtual networks + for Zero Trust. Tunnel virtual networks are used for segregation of Tunnel + IP Routes via Virtualized Networks to handle overlapping private IPs in + your origins. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,8 +77,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -79,21 +92,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -106,8 +119,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -120,21 +134,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -142,63 +156,163 @@ spec: type: object type: object comment: - description: Description of the tunnel virtual network. + description: |- + (String) Description of the tunnel virtual network. + Description of the tunnel virtual network. type: string isDefaultNetwork: - description: Whether this virtual network is the default one for - the account. This means IP Routes belong to this virtual network - and Teams Clients in the account route through this virtual - network, unless specified otherwise for each case. + description: |- + (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. type: boolean name: - description: A user-friendly name chosen when the virtual network - is created. + description: |- + friendly name chosen when the virtual network is created. + A user-friendly name chosen when the virtual network is created. type: string - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + comment: + description: |- + (String) Description of the tunnel virtual network. + Description of the tunnel virtual network. + type: string + isDefaultNetwork: + description: |- + (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + type: boolean + name: + description: |- + friendly name chosen when the virtual network is created. + A user-friendly name chosen when the virtual network is created. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -208,21 +322,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -232,17 +346,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -252,21 +368,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -281,21 +397,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -306,14 +423,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -328,13 +446,39 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: TunnelVirtualNetworkStatus defines the observed state of TunnelVirtualNetwork. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + comment: + description: |- + (String) Description of the tunnel virtual network. + Description of the tunnel virtual network. + type: string id: + description: (String) The ID of this resource. + type: string + isDefaultNetwork: + description: |- + (Boolean) Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + Whether this virtual network is the default one for the account. This means IP Routes belong to this virtual network and Teams Clients in the account route through this virtual network, unless specified otherwise for each case. + type: boolean + name: + description: |- + friendly name chosen when the virtual network is created. + A user-friendly name chosen when the virtual network is created. type: string type: object conditions: @@ -343,13 +487,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -360,8 +506,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -370,6 +517,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -378,9 +528,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_authenticatedoriginspulls.yaml b/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_authenticatedoriginspulls.yaml index 0327854..d016f2b 100644 --- a/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_authenticatedoriginspulls.yaml +++ b/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_authenticatedoriginspulls.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: authenticatedoriginspulls.authenticatedoriginpulls.cloudflare.upbound.io spec: group: authenticatedoriginpulls.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: AuthenticatedOriginsPulls is the Schema for the AuthenticatedOriginsPullss - API. + API. Provides a Cloudflare Authenticated Origin Pulls resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -66,6 +75,9 @@ spec: forProvider: properties: authenticatedOriginPullsCertificate: + description: The id of an uploaded Authenticated Origin Pulls + certificate. If no hostname is provided, this certificate will + be used zone wide as Per-Zone Authenticated Origin Pulls. type: string authenticatedOriginPullsCertificateRef: description: Reference to a Certificate to populate authenticatedOriginPullsCertificate. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Certificate to populate authenticatedOriginPullsCertificate. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,12 +154,17 @@ spec: type: object type: object enabled: + description: Whether or not to enable Authenticated Origin Pulls + on the given zone or hostname. type: boolean hostname: + description: Specify a hostname to enable Per-Hostname Authenticated + Origin Pulls on, using the provided certificate. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -159,21 +177,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -186,8 +204,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -200,72 +219,242 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - enabled type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + authenticatedOriginPullsCertificate: + description: The id of an uploaded Authenticated Origin Pulls + certificate. If no hostname is provided, this certificate will + be used zone wide as Per-Zone Authenticated Origin Pulls. type: string - policy: - description: Policies for referencing. + authenticatedOriginPullsCertificateRef: + description: Reference to a Certificate to populate authenticatedOriginPullsCertificate. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + authenticatedOriginPullsCertificateSelector: + description: Selector for a Certificate to populate authenticatedOriginPullsCertificate. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + enabled: + description: Whether or not to enable Authenticated Origin Pulls + on the given zone or hostname. + type: boolean + hostname: + description: Specify a hostname to enable Per-Hostname Authenticated + Origin Pulls on, using the provided certificate. + type: string + zoneId: + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -275,21 +464,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -299,17 +488,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -319,21 +510,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -348,21 +539,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -373,14 +565,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -395,14 +588,37 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' status: description: AuthenticatedOriginsPullsStatus defines the observed state of AuthenticatedOriginsPulls. properties: atProvider: properties: + authenticatedOriginPullsCertificate: + description: The id of an uploaded Authenticated Origin Pulls + certificate. If no hostname is provided, this certificate will + be used zone wide as Per-Zone Authenticated Origin Pulls. + type: string + enabled: + description: Whether or not to enable Authenticated Origin Pulls + on the given zone or hostname. + type: boolean + hostname: + description: Specify a hostname to enable Per-Hostname Authenticated + Origin Pulls on, using the provided certificate. + type: string id: type: string + zoneId: + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -410,13 +626,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -427,8 +645,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -437,6 +656,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -445,9 +667,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_certificates.yaml b/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_certificates.yaml index 0372050..2710f5e 100644 --- a/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_certificates.yaml +++ b/package/crds/authenticatedoriginpulls.cloudflare.upbound.io_certificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: certificates.authenticatedoriginpulls.cloudflare.upbound.io spec: group: authenticatedoriginpulls.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Certificate is the Schema for the Certificates API. + description: Certificate is the Schema for the Certificates API. Provides + a Cloudflare Authenticated Origin Pulls certificate resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,12 +74,14 @@ spec: forProvider: properties: certificate: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The public client certificate. + **Modifying this attribute will force creation of a new resource.** type: string privateKeySecretRef: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The private key of the client certificate. + **Modifying this attribute will force creation of a new resource.** properties: key: description: The key to select. @@ -86,12 +98,14 @@ spec: - namespace type: object type: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The form of Authenticated Origin Pulls to upload the certificate to. + **Modifying this attribute will force creation of a new resource.** type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -104,21 +118,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -131,8 +145,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -145,74 +160,165 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - certificate - - privateKeySecretRef - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + certificate: + description: |- + The public client certificate. + **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + type: + description: |- + The form of Authenticated Origin Pulls to upload the certificate to. + **Modifying this attribute will force creation of a new resource.** + type: string + zoneId: + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -222,21 +328,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -246,17 +352,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -266,21 +374,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -295,21 +403,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -320,14 +429,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -342,11 +452,28 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.certificate is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.certificate) + || (has(self.initProvider) && has(self.initProvider.certificate))' + - message: spec.forProvider.privateKeySecretRef is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.privateKeySecretRef)' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: CertificateStatus defines the observed state of Certificate. properties: atProvider: properties: + certificate: + description: |- + The public client certificate. + **Modifying this attribute will force creation of a new resource.** + type: string expiresOn: description: '**Modifying this attribute will force creation of a new resource.**' @@ -369,10 +496,20 @@ spec: description: '**Modifying this attribute will force creation of a new resource.**' type: string + type: + description: |- + The form of Authenticated Origin Pulls to upload the certificate to. + **Modifying this attribute will force creation of a new resource.** + type: string uploadedOn: description: '**Modifying this attribute will force creation of a new resource.**' type: string + zoneId: + description: |- + The zone ID to upload the certificate to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -380,13 +517,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -397,8 +536,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -407,6 +547,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -415,9 +558,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/byoip.cloudflare.upbound.io_ipprefixes.yaml b/package/crds/byoip.cloudflare.upbound.io_ipprefixes.yaml index a12685d..d592283 100644 --- a/package/crds/byoip.cloudflare.upbound.io_ipprefixes.yaml +++ b/package/crds/byoip.cloudflare.upbound.io_ipprefixes.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ipprefixes.byoip.cloudflare.upbound.io spec: group: byoip.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: IPPrefix is the Schema for the IPPrefixs API. + description: IPPrefix is the Schema for the IPPrefixs API. Provides the ability + to manage Bring-Your-Own-IP prefixes (BYOIP) which are used with or without + Magic Transit. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,63 +154,163 @@ spec: type: object type: object advertisement: - description: 'Whether or not the prefix shall be announced. A - prefix can be activated or deactivated once every 15 minutes - (attempting more regular updates will trigger rate limiting). - Available values: `on`, `off`.' + description: |- + (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. + Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. type: string description: - description: Description of the BYO IP prefix. + description: |- + (String) Description of the BYO IP prefix. + Description of the BYO IP prefix. type: string prefixId: - description: The assigned Bring-Your-Own-IP prefix ID. **Modifying - this attribute will force creation of a new resource.** + description: |- + Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** type: string - required: - - prefixId type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + advertisement: + description: |- + (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. + Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. + type: string + description: + description: |- + (String) Description of the BYO IP prefix. + Description of the BYO IP prefix. + type: string + prefixId: + description: |- + Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -206,21 +320,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -230,17 +344,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -250,21 +366,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -279,21 +395,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -304,14 +421,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -326,12 +444,38 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.prefixId is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.prefixId) + || (has(self.initProvider) && has(self.initProvider.prefixId))' status: description: IPPrefixStatus defines the observed state of IPPrefix. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + advertisement: + description: |- + (String) Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: on, off. + Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Available values: `on`, `off`. + type: string + description: + description: |- + (String) Description of the BYO IP prefix. + Description of the BYO IP prefix. + type: string id: + description: (String) The ID of this resource. + type: string + prefixId: + description: |- + Your-Own-IP prefix ID. Modifying this attribute will force creation of a new resource. + The assigned Bring-Your-Own-IP prefix ID. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -340,13 +484,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -357,8 +503,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -367,6 +514,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -375,9 +525,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/certificate.cloudflare.upbound.io_packs.yaml b/package/crds/certificate.cloudflare.upbound.io_packs.yaml index 9464ba7..23d5ac7 100644 --- a/package/crds/certificate.cloudflare.upbound.io_packs.yaml +++ b/package/crds/certificate.cloudflare.upbound.io_packs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: packs.certificate.cloudflare.upbound.io spec: group: certificate.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Pack is the Schema for the Packs API. + description: Pack is the Schema for the Packs API. Provides a Cloudflare Certificate + Pack resource that is used to provision managed TLS certificates. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,74 +74,81 @@ spec: forProvider: properties: certificateAuthority: - description: 'Which certificate authority to issue the certificate - pack. Available values: `digicert`, `lets_encrypt`, `google`. - **Modifying this attribute will force creation of a new resource.**' + description: |- + (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. + Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** type: string cloudflareBranding: - description: Whether or not to include Cloudflare branding. This - will add `sni.cloudflaressl.com` as the Common Name if set to - `true`. **Modifying this attribute will force creation of a - new resource.** + description: |- + (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** type: boolean hosts: - description: 'List of hostnames to provision the certificate pack - for. The zone name must be included as a host. Note: If using - Let''s Encrypt, you cannot use individual subdomains and only - a wildcard for subdomain is available. **Modifying this attribute - will force creation of a new resource.**' + description: |- + (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. + List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** items: type: string type: array + x-kubernetes-list-type: set type: - description: 'Certificate pack configuration type. Available values: - `advanced`. **Modifying this attribute will force creation of - a new resource.**' + description: |- + (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. + Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** type: string validationErrors: + description: (Block List) (see below for nested schema) items: type: object type: array validationMethod: - description: 'Which validation method to use in order to prove - domain ownership. Available values: `txt`, `http`, `email`. - **Modifying this attribute will force creation of a new resource.**' + description: |- + (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. + Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** type: string validationRecords: + description: (Block List) (see below for nested schema) items: properties: cnameName: + description: (String) type: string cnameTarget: + description: (String) type: string emails: + description: (List of String) items: type: string type: array httpBody: + description: (String) type: string httpUrl: + description: (String) type: string txtName: + description: (String) type: string txtValue: + description: (String) type: string type: object type: array validityDays: - description: 'How long the certificate is valid for. Note: If - using Let''s Encrypt, this value can only be 90 days. Available - values: `14`, `30`, `90`, `365`. **Modifying this attribute - will force creation of a new resource.**' + description: |- + (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. + How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** type: number waitForActiveStatus: - description: Whether or not to wait for a certificate pack to - reach status `active` during creation. Defaults to `false`. - **Modifying this attribute will force creation of a new resource.** + description: |- + (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** type: boolean zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -144,21 +161,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -171,8 +188,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -185,76 +203,227 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - certificateAuthority - - hosts - - type - - validationMethod - - validityDays type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + certificateAuthority: + description: |- + (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. + Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + cloudflareBranding: + description: |- + (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** + type: boolean + hosts: + description: |- + (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. + List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** + items: + type: string + type: array + x-kubernetes-list-type: set + type: + description: |- + (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. + Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** + type: string + validationErrors: + description: (Block List) (see below for nested schema) + items: + type: object + type: array + validationMethod: + description: |- + (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. + Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** + type: string + validationRecords: + description: (Block List) (see below for nested schema) + items: + properties: + cnameName: + description: (String) + type: string + cnameTarget: + description: (String) + type: string + emails: + description: (List of String) + items: + type: string + type: array + httpBody: + description: (String) + type: string + httpUrl: + description: (String) + type: string + txtName: + description: (String) + type: string + txtValue: + description: (String) + type: string + type: object + type: array + validityDays: + description: |- + (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. + How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** + type: number + waitForActiveStatus: + description: |- + (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -264,21 +433,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -288,17 +457,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -308,21 +479,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -337,21 +508,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -362,14 +534,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -384,20 +557,116 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.certificateAuthority is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.certificateAuthority) + || (has(self.initProvider) && has(self.initProvider.certificateAuthority))' + - message: spec.forProvider.hosts is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.hosts) + || (has(self.initProvider) && has(self.initProvider.hosts))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' + - message: spec.forProvider.validationMethod is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.validationMethod) + || (has(self.initProvider) && has(self.initProvider.validationMethod))' + - message: spec.forProvider.validityDays is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.validityDays) + || (has(self.initProvider) && has(self.initProvider.validityDays))' status: description: PackStatus defines the observed state of Pack. properties: atProvider: properties: + certificateAuthority: + description: |- + (String) Which certificate authority to issue the certificate pack. Available values: digicert, lets_encrypt, google. Modifying this attribute will force creation of a new resource. + Which certificate authority to issue the certificate pack. Available values: `digicert`, `lets_encrypt`, `google`. **Modifying this attribute will force creation of a new resource.** + type: string + cloudflareBranding: + description: |- + (Boolean) Whether or not to include Cloudflare branding. This will add sni.cloudflaressl.com as the Common Name if set to true. Modifying this attribute will force creation of a new resource. + Whether or not to include Cloudflare branding. This will add `sni.cloudflaressl.com` as the Common Name if set to `true`. **Modifying this attribute will force creation of a new resource.** + type: boolean + hosts: + description: |- + (Set of String) List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. Modifying this attribute will force creation of a new resource. + List of hostnames to provision the certificate pack for. The zone name must be included as a host. Note: If using Let's Encrypt, you cannot use individual subdomains and only a wildcard for subdomain is available. **Modifying this attribute will force creation of a new resource.** + items: + type: string + type: array + x-kubernetes-list-type: set id: + description: (String) The ID of this resource. + type: string + type: + description: |- + (String) Certificate pack configuration type. Available values: advanced. Modifying this attribute will force creation of a new resource. + Certificate pack configuration type. Available values: `advanced`. **Modifying this attribute will force creation of a new resource.** type: string validationErrors: + description: (Block List) (see below for nested schema) items: properties: message: + description: (String) type: string type: object type: array + validationMethod: + description: |- + (String) Which validation method to use in order to prove domain ownership. Available values: txt, http, email. Modifying this attribute will force creation of a new resource. + Which validation method to use in order to prove domain ownership. Available values: `txt`, `http`, `email`. **Modifying this attribute will force creation of a new resource.** + type: string + validationRecords: + description: (Block List) (see below for nested schema) + items: + properties: + cnameName: + description: (String) + type: string + cnameTarget: + description: (String) + type: string + emails: + description: (List of String) + items: + type: string + type: array + httpBody: + description: (String) + type: string + httpUrl: + description: (String) + type: string + txtName: + description: (String) + type: string + txtValue: + description: (String) + type: string + type: object + type: array + validityDays: + description: |- + (Number) How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: 14, 30, 90, 365. Modifying this attribute will force creation of a new resource. + How long the certificate is valid for. Note: If using Let's Encrypt, this value can only be 90 days. Available values: `14`, `30`, `90`, `365`. **Modifying this attribute will force creation of a new resource.** + type: number + waitForActiveStatus: + description: |- + (Boolean) Whether or not to wait for a certificate pack to reach status active during creation. Defaults to false. Modifying this attribute will force creation of a new resource. + Whether or not to wait for a certificate pack to reach status `active` during creation. Defaults to `false`. **Modifying this attribute will force creation of a new resource.** + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -405,13 +674,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -422,8 +693,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -432,6 +704,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -440,9 +715,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/cloudflare.upbound.io_providerconfigs.yaml b/package/crds/cloudflare.upbound.io_providerconfigs.yaml index 41e672e..564c75d 100644 --- a/package/crds/cloudflare.upbound.io_providerconfigs.yaml +++ b/package/crds/cloudflare.upbound.io_providerconfigs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: providerconfigs.cloudflare.upbound.io spec: group: cloudflare.upbound.io @@ -33,14 +32,19 @@ spec: description: A ProviderConfig configures a Cloudflare provider. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,8 +55,9 @@ spec: description: Credentials required to authenticate to this provider. properties: env: - description: Env is a reference to an environment variable that - contains credentials that must be used to connect to the provider. + description: |- + Env is a reference to an environment variable that contains credentials + that must be used to connect to the provider. properties: name: description: Name is the name of an environment variable. @@ -61,8 +66,9 @@ spec: - name type: object fs: - description: Fs is a reference to a filesystem location that contains - credentials that must be used to connect to the provider. + description: |- + Fs is a reference to a filesystem location that contains credentials that + must be used to connect to the provider. properties: path: description: Path is a filesystem path. @@ -71,8 +77,9 @@ spec: - path type: object secretRef: - description: A SecretRef is a reference to a secret key that contains - the credentials that must be used to connect to the provider. + description: |- + A SecretRef is a reference to a secret key that contains the credentials + that must be used to connect to the provider. properties: key: description: The key to select. @@ -112,13 +119,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -129,8 +138,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -139,6 +149,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map users: description: Users of this provider configuration. format: int64 @@ -151,9 +164,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/cloudflare.upbound.io_providerconfigusages.yaml b/package/crds/cloudflare.upbound.io_providerconfigusages.yaml index 306e344..df00ef8 100644 --- a/package/crds/cloudflare.upbound.io_providerconfigusages.yaml +++ b/package/crds/cloudflare.upbound.io_providerconfigusages.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: providerconfigusages.cloudflare.upbound.io spec: group: cloudflare.upbound.io @@ -38,14 +37,19 @@ spec: description: A ProviderConfigUsage indicates that a resource is using a ProviderConfig. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -60,19 +64,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this reference - is required. The default is 'Required', which means the reconcile - will fail if the reference cannot be resolved. 'Optional' means - this reference will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should be resolved. - The default is 'IfNotPresent', which will attempt to resolve - the reference only when the corresponding field is not present. - Use 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -109,9 +115,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/cloudflare.upbound.io_storeconfigs.yaml b/package/crds/cloudflare.upbound.io_storeconfigs.yaml index 71aa175..cd771a4 100644 --- a/package/crds/cloudflare.upbound.io_storeconfigs.yaml +++ b/package/crds/cloudflare.upbound.io_storeconfigs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: storeconfigs.cloudflare.upbound.io spec: group: cloudflare.upbound.io @@ -36,14 +35,19 @@ spec: details. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -51,24 +55,26 @@ spec: description: A StoreConfigSpec defines the desired state of a ProviderConfig. properties: defaultScope: - description: DefaultScope used for scoping secrets for "cluster-scoped" - resources. If store type is "Kubernetes", this would mean the default - namespace to store connection secrets for cluster scoped resources. + description: |- + DefaultScope used for scoping secrets for "cluster-scoped" resources. + If store type is "Kubernetes", this would mean the default namespace to + store connection secrets for cluster scoped resources. In case of "Vault", this would be used as the default parent path. Typically, should be set as Crossplane installation namespace. type: string kubernetes: - description: Kubernetes configures a Kubernetes secret store. If the - "type" is "Kubernetes" but no config provided, in cluster config + description: |- + Kubernetes configures a Kubernetes secret store. + If the "type" is "Kubernetes" but no config provided, in cluster config will be used. properties: auth: description: Credentials used to connect to the Kubernetes API. properties: env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect to - the provider. + description: |- + Env is a reference to an environment variable that contains credentials + that must be used to connect to the provider. properties: name: description: Name is the name of an environment variable. @@ -77,9 +83,9 @@ spec: - name type: object fs: - description: Fs is a reference to a filesystem location that - contains credentials that must be used to connect to the - provider. + description: |- + Fs is a reference to a filesystem location that contains credentials that + must be used to connect to the provider. properties: path: description: Path is a filesystem path. @@ -88,9 +94,9 @@ spec: - path type: object secretRef: - description: A SecretRef is a reference to a secret key that - contains the credentials that must be used to connect to - the provider. + description: |- + A SecretRef is a reference to a secret key that contains the credentials + that must be used to connect to the provider. properties: key: description: The key to select. @@ -120,149 +126,41 @@ spec: required: - auth type: object - type: - default: Kubernetes - description: Type configures which secret store to be used. Only the - configuration block for this store will be used and others will - be ignored if provided. Default is Kubernetes. - type: string - vault: - description: Vault configures a Vault secret store. + plugin: + description: Plugin configures External secret store as a plugin. properties: - auth: - description: Auth configures an authentication method for Vault. + configRef: + description: ConfigRef contains store config reference info. properties: - method: - description: Method configures which auth method will be used. + apiVersion: + description: APIVersion of the referenced config. type: string - token: - description: Token configures Token Auth for Vault. - properties: - env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect - to the provider. - properties: - name: - description: Name is the name of an environment variable. - type: string - required: - - name - type: object - fs: - description: Fs is a reference to a filesystem location - that contains credentials that must be used to connect - to the provider. - properties: - path: - description: Path is a filesystem path. - type: string - required: - - path - type: object - secretRef: - description: A SecretRef is a reference to a secret key - that contains the credentials that must be used to connect - to the provider. - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - source: - description: Source of the credentials. - enum: - - None - - Secret - - Environment - - Filesystem - type: string - required: - - source - type: object - required: - - method - type: object - caBundle: - description: CABundle configures CA bundle for Vault Server. - properties: - env: - description: Env is a reference to an environment variable - that contains credentials that must be used to connect to - the provider. - properties: - name: - description: Name is the name of an environment variable. - type: string - required: - - name - type: object - fs: - description: Fs is a reference to a filesystem location that - contains credentials that must be used to connect to the - provider. - properties: - path: - description: Path is a filesystem path. - type: string - required: - - path - type: object - secretRef: - description: A SecretRef is a reference to a secret key that - contains the credentials that must be used to connect to - the provider. - properties: - key: - description: The key to select. - type: string - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - key - - name - - namespace - type: object - source: - description: Source of the credentials. - enum: - - None - - Secret - - Environment - - Filesystem + kind: + description: Kind of the referenced config. + type: string + name: + description: Name of the referenced config. type: string required: - - source + - apiVersion + - kind + - name type: object - mountPath: - description: MountPath is the mount path of the KV secrets engine. + endpoint: + description: Endpoint is the endpoint of the gRPC server. type: string - server: - description: Server is the url of the Vault server, e.g. "https://vault.acme.org" - type: string - version: - default: v2 - description: Version of the KV Secrets engine of Vault. https://www.vaultproject.io/docs/secrets/kv - type: string - required: - - auth - - mountPath - - server type: object + type: + default: Kubernetes + description: |- + Type configures which secret store to be used. Only the configuration + block for this store will be used and others will be ignored if provided. + Default is Kubernetes. + enum: + - Kubernetes + - Vault + - Plugin + type: string required: - defaultScope type: object @@ -275,13 +173,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -292,8 +192,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -302,6 +203,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -310,9 +214,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/custom.cloudflare.upbound.io_pages.yaml b/package/crds/custom.cloudflare.upbound.io_pages.yaml index 6925e92..158e902 100644 --- a/package/crds/custom.cloudflare.upbound.io_pages.yaml +++ b/package/crds/custom.cloudflare.upbound.io_pages.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: pages.custom.cloudflare.upbound.io spec: group: custom.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Pages is the Schema for the Pagess API. + description: Pages is the Schema for the Pagess API. Provides a resource which + manages Cloudflare custom pages. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,11 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + The account ID where the custom pages should be + updated. Either account_id or zone_id must be provided. If + account_id is present, it will override the zone setting. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +91,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +118,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +133,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,14 +155,25 @@ spec: type: object type: object state: + description: |- + Managed state of the custom page. Must be one of + default, customized. type: string type: + description: |- + The type of custom page you wish to update. Must + be one of basic_challenge, waf_challenge, waf_block, + ratelimit_block, country_challenge, ip_block, under_attack, + 500_errors, 1000_errors, always_online, managed_challenge. type: string url: + description: URL of where the custom page source is located. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + The zone ID where the custom pages should be + updated. Either zone_id or account_id must be provided. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -161,21 +186,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -188,8 +213,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -202,73 +228,252 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - type - - url type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account ID where the custom pages should be + updated. Either account_id or zone_id must be provided. If + account_id is present, it will override the zone setting. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + state: + description: |- + Managed state of the custom page. Must be one of + default, customized. + type: string + type: + description: |- + The type of custom page you wish to update. Must + be one of basic_challenge, waf_challenge, waf_block, + ratelimit_block, country_challenge, ip_block, under_attack, + 500_errors, 1000_errors, always_online, managed_challenge. + type: string + url: + description: URL of where the custom page source is located. + type: string + zoneId: + description: |- + The zone ID where the custom pages should be + updated. Either zone_id or account_id must be provided. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -278,21 +483,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -302,17 +507,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -322,21 +529,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -351,21 +558,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -376,14 +584,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -398,13 +607,50 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' + - message: spec.forProvider.url is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.url) + || (has(self.initProvider) && has(self.initProvider.url))' status: description: PagesStatus defines the observed state of Pages. properties: atProvider: properties: + accountId: + description: |- + The account ID where the custom pages should be + updated. Either account_id or zone_id must be provided. If + account_id is present, it will override the zone setting. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string id: type: string + state: + description: |- + Managed state of the custom page. Must be one of + default, customized. + type: string + type: + description: |- + The type of custom page you wish to update. Must + be one of basic_challenge, waf_challenge, waf_block, + ratelimit_block, country_challenge, ip_block, under_attack, + 500_errors, 1000_errors, always_online, managed_challenge. + type: string + url: + description: URL of where the custom page source is located. + type: string + zoneId: + description: |- + The zone ID where the custom pages should be + updated. Either zone_id or account_id must be provided. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string type: object conditions: description: Conditions of the resource. @@ -412,13 +658,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -429,8 +677,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -439,6 +688,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -447,9 +699,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/custom.cloudflare.upbound.io_ssls.yaml b/package/crds/custom.cloudflare.upbound.io_ssls.yaml index ec95db4..16e73e0 100644 --- a/package/crds/custom.cloudflare.upbound.io_ssls.yaml +++ b/package/crds/custom.cloudflare.upbound.io_ssls.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ssls.custom.cloudflare.upbound.io spec: group: custom.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: SSL is the Schema for the SSLs API. + description: SSL is the Schema for the SSLs API. Provides a Cloudflare custom + SSL resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,19 +74,29 @@ spec: forProvider: properties: customSslOptions: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. + **Modifying this attribute will force creation of a new resource.** items: properties: bundleMethod: + description: Method of building intermediate certificate + chain. A ubiquitous bundle has the highest probability + of being verified everywhere, even by clients using outdated + or unusual trust stores. An optimal bundle uses the shortest + chain and newest intermediates. And the force bundle verifies + the chain, but does not otherwise modify it. Valid values + are ubiquitous (default), optimal, force. type: string certificate: + description: Certificate certificate and the intermediate(s) type: string geoRestrictions: + description: Specifies the region where your private key + can be held locally. Valid values are us, eu, highest_security. type: string privateKeySecretRef: - description: A SecretKeySelector is a reference to a secret - key in an arbitrary namespace. + description: Certificate's private key properties: key: description: The key to select. @@ -93,6 +113,9 @@ spec: - namespace type: object type: + description: Whether to enable support for legacy clients + which do not include SNI in the TLS handshake. Valid values + are legacy_custom (default), sni_custom. type: string type: object type: array @@ -106,7 +129,9 @@ spec: type: object type: array zoneId: - description: The zone identifier to target for the resource. + description: |- + The DNS zone id to the custom ssl cert should be added. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -119,21 +144,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -146,8 +171,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -160,21 +186,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -182,48 +208,171 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + customSslOptions: + description: |- + The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. + **Modifying this attribute will force creation of a new resource.** + items: + properties: + bundleMethod: + description: Method of building intermediate certificate + chain. A ubiquitous bundle has the highest probability + of being verified everywhere, even by clients using outdated + or unusual trust stores. An optimal bundle uses the shortest + chain and newest intermediates. And the force bundle verifies + the chain, but does not otherwise modify it. Valid values + are ubiquitous (default), optimal, force. + type: string + certificate: + description: Certificate certificate and the intermediate(s) + type: string + geoRestrictions: + description: Specifies the region where your private key + can be held locally. Valid values are us, eu, highest_security. + type: string + type: + description: Whether to enable support for legacy clients + which do not include SNI in the TLS handshake. Valid values + are legacy_custom (default), sni_custom. + type: string + type: object + type: array + customSslPriority: + items: + properties: + id: + type: string + priority: + type: number + type: object + type: array + zoneId: + description: |- + The DNS zone id to the custom ssl cert should be added. + The zone identifier to target for the resource. type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -233,21 +382,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -257,17 +406,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -277,21 +428,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -306,21 +457,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -331,14 +483,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -358,6 +511,44 @@ spec: properties: atProvider: properties: + customSslOptions: + description: |- + The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type. + **Modifying this attribute will force creation of a new resource.** + items: + properties: + bundleMethod: + description: Method of building intermediate certificate + chain. A ubiquitous bundle has the highest probability + of being verified everywhere, even by clients using outdated + or unusual trust stores. An optimal bundle uses the shortest + chain and newest intermediates. And the force bundle verifies + the chain, but does not otherwise modify it. Valid values + are ubiquitous (default), optimal, force. + type: string + certificate: + description: Certificate certificate and the intermediate(s) + type: string + geoRestrictions: + description: Specifies the region where your private key + can be held locally. Valid values are us, eu, highest_security. + type: string + type: + description: Whether to enable support for legacy clients + which do not include SNI in the TLS handshake. Valid values + are legacy_custom (default), sni_custom. + type: string + type: object + type: array + customSslPriority: + items: + properties: + id: + type: string + priority: + type: number + type: object + type: array expiresOn: type: string hosts: @@ -378,6 +569,11 @@ spec: type: string uploadedOn: type: string + zoneId: + description: |- + The DNS zone id to the custom ssl cert should be added. + The zone identifier to target for the resource. + type: string type: object conditions: description: Conditions of the resource. @@ -385,13 +581,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -402,8 +600,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -412,6 +611,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -420,9 +622,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/customhostname.cloudflare.upbound.io_fallbackorigins.yaml b/package/crds/customhostname.cloudflare.upbound.io_fallbackorigins.yaml index 77eac75..7f565ac 100644 --- a/package/crds/customhostname.cloudflare.upbound.io_fallbackorigins.yaml +++ b/package/crds/customhostname.cloudflare.upbound.io_fallbackorigins.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: fallbackorigins.customhostname.cloudflare.upbound.io spec: group: customhostname.cloudflare.upbound.io @@ -35,18 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: FallbackOrigin is the Schema for the FallbackOrigins API. + description: FallbackOrigin is the Schema for the FallbackOrigins API. Provides + a Cloudflare custom hostname fallback origin resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,10 +74,13 @@ spec: forProvider: properties: origin: + description: Hostname you intend to fallback requests to. Origin + must be a proxied A/AAAA/CNAME DNS record within Clouldflare. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID where the custom hostname should be assigned. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -81,21 +93,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -108,8 +120,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -122,72 +135,159 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - origin type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + origin: + description: Hostname you intend to fallback requests to. Origin + must be a proxied A/AAAA/CNAME DNS record within Clouldflare. type: string - policy: - description: Policies for referencing. + zoneId: + description: |- + The DNS zone ID where the custom hostname should be assigned. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -197,21 +297,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -221,17 +321,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -241,21 +343,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -270,21 +372,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -295,14 +398,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -317,6 +421,11 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.origin is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.origin) + || (has(self.initProvider) && has(self.initProvider.origin))' status: description: FallbackOriginStatus defines the observed state of FallbackOrigin. properties: @@ -324,7 +433,17 @@ spec: properties: id: type: string + origin: + description: Hostname you intend to fallback requests to. Origin + must be a proxied A/AAAA/CNAME DNS record within Clouldflare. + type: string status: + description: Status of the fallback origin's activation. + type: string + zoneId: + description: |- + The DNS zone ID where the custom hostname should be assigned. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -333,13 +452,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -350,8 +471,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -360,6 +482,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -368,9 +493,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/customhostname.cloudflare.upbound.io_hostnames.yaml b/package/crds/customhostname.cloudflare.upbound.io_hostnames.yaml index a346399..39e49a2 100644 --- a/package/crds/customhostname.cloudflare.upbound.io_hostnames.yaml +++ b/package/crds/customhostname.cloudflare.upbound.io_hostnames.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: hostnames.customhostname.cloudflare.upbound.io spec: group: customhostname.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Hostname is the Schema for the Hostnames API. + description: Hostname is the Schema for the Hostnames API. Provides a Cloudflare + custom hostname (also known as SSL for SaaS) resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -66,84 +76,107 @@ spec: customMetadata: additionalProperties: type: string - description: Custom metadata associated with custom hostname. - Only supports primitive string values, all other values are - accessible via the API directly. + description: |- + (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. type: object + x-kubernetes-map-type: granular customOriginServer: - description: The custom origin server used for certificates. + description: |- + (String) The custom origin server used for certificates. + The custom origin server used for certificates. type: string customOriginSni: - description: The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) - used for certificates. + description: |- + (String) The custom origin SNI used for certificates. + The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. type: string hostname: - description: Hostname you intend to request a certificate for. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** type: string ssl: - description: SSL configuration of the certificate. + description: |- + (Block List) SSL configuration of the certificate. (see below for nested schema) + SSL configuration of the certificate. items: properties: certificateAuthority: + description: (String) type: string customCertificate: - description: If a custom uploaded certificate is used. + description: |- + (String) If a custom uploaded certificate is used. + If a custom uploaded certificate is used. type: string customKey: - description: The key for a custom uploaded certificate. + description: |- + (String) The key for a custom uploaded certificate. + The key for a custom uploaded certificate. type: string method: - description: 'Domain control validation (DCV) method used - for this hostname. Available values: `http`, `txt`, `email`.' + description: |- + (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. + Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. type: string settings: - description: SSL/TLS settings for the certificate. + description: |- + (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + SSL/TLS settings for the certificate. items: properties: ciphers: - description: List of SSL/TLS ciphers to associate - with this certificate. + description: |- + (Set of String) List of SSL/TLS ciphers to associate with this certificate. + List of SSL/TLS ciphers to associate with this certificate. items: type: string type: array + x-kubernetes-list-type: set earlyHints: - description: 'Whether early hints should be supported. - Available values: `on`, `off`.' + description: |- + (String) Whether early hints should be supported. Available values: on, off. + Whether early hints should be supported. Available values: `on`, `off`. type: string http2: - description: 'Whether HTTP2 should be supported. Available - values: `on`, `off`.' + description: |- + (String) Whether HTTP2 should be supported. Available values: on, off. + Whether HTTP2 should be supported. Available values: `on`, `off`. type: string minTlsVersion: - description: 'Lowest version of TLS this certificate - should support. Available values: `1.0`, `1.1`, - `1.2`, `1.3`.' + description: |- + (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. + Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. type: string tls13: - description: 'Whether TLSv1.3 should be supported. - Available values: `on`, `off`.' + description: |- + (String) Whether TLSv1.3 should be supported. Available values: on, off. + Whether TLSv1.3 should be supported. Available values: `on`, `off`. type: string type: object type: array type: - description: 'Level of validation to be used for this hostname. - Available values: `dv`. Defaults to `dv`.' + description: |- + (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. + Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. type: string wildcard: - description: Indicates whether the certificate covers a - wildcard. + description: |- + (Boolean) Indicates whether the certificate covers a wildcard. + Indicates whether the certificate covers a wildcard. type: boolean type: object type: array waitForSslPendingValidation: - description: Whether to wait for a custom hostname SSL sub-object - to reach status `pending_validation` during creation. Defaults - to `false`. + description: |- + object to reach status pending_validation during creation. Defaults to false. + Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. type: boolean zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -156,21 +189,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -183,8 +216,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -197,72 +231,255 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - hostname type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + customMetadata: + additionalProperties: + type: string + description: |- + (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + type: object + x-kubernetes-map-type: granular + customOriginServer: + description: |- + (String) The custom origin server used for certificates. + The custom origin server used for certificates. type: string - policy: - description: Policies for referencing. + customOriginSni: + description: |- + (String) The custom origin SNI used for certificates. + The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. + type: string + hostname: + description: |- + (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** + type: string + ssl: + description: |- + (Block List) SSL configuration of the certificate. (see below for nested schema) + SSL configuration of the certificate. + items: + properties: + certificateAuthority: + description: (String) + type: string + customCertificate: + description: |- + (String) If a custom uploaded certificate is used. + If a custom uploaded certificate is used. + type: string + customKey: + description: |- + (String) The key for a custom uploaded certificate. + The key for a custom uploaded certificate. + type: string + method: + description: |- + (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. + Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. + type: string + settings: + description: |- + (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + SSL/TLS settings for the certificate. + items: + properties: + ciphers: + description: |- + (Set of String) List of SSL/TLS ciphers to associate with this certificate. + List of SSL/TLS ciphers to associate with this certificate. + items: + type: string + type: array + x-kubernetes-list-type: set + earlyHints: + description: |- + (String) Whether early hints should be supported. Available values: on, off. + Whether early hints should be supported. Available values: `on`, `off`. + type: string + http2: + description: |- + (String) Whether HTTP2 should be supported. Available values: on, off. + Whether HTTP2 should be supported. Available values: `on`, `off`. + type: string + minTlsVersion: + description: |- + (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. + Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. + type: string + tls13: + description: |- + (String) Whether TLSv1.3 should be supported. Available values: on, off. + Whether TLSv1.3 should be supported. Available values: `on`, `off`. + type: string + type: object + type: array + type: + description: |- + (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. + Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. + type: string + wildcard: + description: |- + (Boolean) Indicates whether the certificate covers a wildcard. + Indicates whether the certificate covers a wildcard. + type: boolean + type: object + type: array + waitForSslPendingValidation: + description: |- + object to reach status pending_validation during creation. Defaults to false. + Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -272,21 +489,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -296,17 +513,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -316,21 +535,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -345,21 +564,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -370,14 +590,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -392,59 +613,181 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.hostname is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.hostname) + || (has(self.initProvider) && has(self.initProvider.hostname))' status: description: HostnameStatus defines the observed state of Hostname. properties: atProvider: properties: + customMetadata: + additionalProperties: + type: string + description: |- + (Map of String) Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + Custom metadata associated with custom hostname. Only supports primitive string values, all other values are accessible via the API directly. + type: object + x-kubernetes-map-type: granular + customOriginServer: + description: |- + (String) The custom origin server used for certificates. + The custom origin server used for certificates. + type: string + customOriginSni: + description: |- + (String) The custom origin SNI used for certificates. + The [custom origin SNI](https://developers.cloudflare.com/ssl/ssl-for-saas/hostname-specific-behavior/custom-origin) used for certificates. + type: string + hostname: + description: |- + (String) Hostname you intend to request a certificate for. Modifying this attribute will force creation of a new resource. + Hostname you intend to request a certificate for. **Modifying this attribute will force creation of a new resource.** + type: string id: + description: (String) The ID of this resource. type: string ownershipVerification: additionalProperties: type: string + description: (Map of String) type: object + x-kubernetes-map-type: granular ownershipVerificationHttp: additionalProperties: type: string + description: (Map of String) type: object + x-kubernetes-map-type: granular ssl: - description: SSL configuration of the certificate. + description: |- + (Block List) SSL configuration of the certificate. (see below for nested schema) + SSL configuration of the certificate. items: properties: + certificateAuthority: + description: (String) + type: string + customCertificate: + description: |- + (String) If a custom uploaded certificate is used. + If a custom uploaded certificate is used. + type: string + customKey: + description: |- + (String) The key for a custom uploaded certificate. + The key for a custom uploaded certificate. + type: string + method: + description: |- + (String) Domain control validation (DCV) method used for this hostname. Available values: http, txt, email. + Domain control validation (DCV) method used for this hostname. Available values: `http`, `txt`, `email`. + type: string + settings: + description: |- + (Block List) SSL/TLS settings for the certificate. (see below for nested schema) + SSL/TLS settings for the certificate. + items: + properties: + ciphers: + description: |- + (Set of String) List of SSL/TLS ciphers to associate with this certificate. + List of SSL/TLS ciphers to associate with this certificate. + items: + type: string + type: array + x-kubernetes-list-type: set + earlyHints: + description: |- + (String) Whether early hints should be supported. Available values: on, off. + Whether early hints should be supported. Available values: `on`, `off`. + type: string + http2: + description: |- + (String) Whether HTTP2 should be supported. Available values: on, off. + Whether HTTP2 should be supported. Available values: `on`, `off`. + type: string + minTlsVersion: + description: |- + (String) Lowest version of TLS this certificate should support. Available values: 1.0, 1.1, 1.2, 1.3. + Lowest version of TLS this certificate should support. Available values: `1.0`, `1.1`, `1.2`, `1.3`. + type: string + tls13: + description: |- + (String) Whether TLSv1.3 should be supported. Available values: on, off. + Whether TLSv1.3 should be supported. Available values: `on`, `off`. + type: string + type: object + type: array status: + description: (String) Status of the certificate. + type: string + type: + description: |- + (String) Level of validation to be used for this hostname. Available values: dv. Defaults to dv. + Level of validation to be used for this hostname. Available values: `dv`. Defaults to `dv`. type: string validationErrors: + description: (List of Object) (see below for nested schema) items: properties: message: + description: (String) type: string type: object type: array validationRecords: + description: (List of Object) (see below for nested schema) items: properties: cnameName: + description: (String) type: string cnameTarget: + description: (String) type: string emails: + description: (List of String) items: type: string type: array httpBody: + description: (String) type: string httpUrl: + description: (String) type: string txtName: + description: (String) type: string txtValue: + description: (String) type: string type: object type: array + wildcard: + description: |- + (Boolean) Indicates whether the certificate covers a wildcard. + Indicates whether the certificate covers a wildcard. + type: boolean type: object type: array status: - description: Status of the certificate. + description: |- + (String) Status of the certificate. + Status of the certificate. + type: string + waitForSslPendingValidation: + description: |- + object to reach status pending_validation during creation. Defaults to false. + Whether to wait for a custom hostname SSL sub-object to reach status `pending_validation` during creation. Defaults to `false`. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -453,13 +796,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -470,8 +815,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -480,6 +826,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -488,9 +837,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/dlp.cloudflare.upbound.io_profiles.yaml b/package/crds/dlp.cloudflare.upbound.io_profiles.yaml index 1d860c1..4c8bde1 100644 --- a/package/crds/dlp.cloudflare.upbound.io_profiles.yaml +++ b/package/crds/dlp.cloudflare.upbound.io_profiles.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: profiles.dlp.cloudflare.upbound.io spec: group: dlp.cloudflare.upbound.io @@ -35,17 +34,25 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Profile is the Schema for the Profiles API. + description: Profile is the Schema for the Profiles API. Provides a Cloudflare + DLP Profile resource. Data Loss Prevention profiles are a set of entries + that can be matched in HTTP bodies or files. They are referenced in Zero + Trust Gateway rules. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +61,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +76,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +91,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +118,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +133,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,95 +155,243 @@ spec: type: object type: object description: - description: Brief summary of the profile and its intended use. + description: |- + (String) Brief summary of the profile and its intended use. + Brief summary of the profile and its intended use. type: string entry: - description: List of entries to apply to the profile. + description: |- + (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) + List of entries to apply to the profile. items: properties: enabled: - description: Whether the entry is active. Defaults to `false`. + description: |- + (Boolean) Whether the entry is active. Defaults to false. + Whether the entry is active. Defaults to `false`. type: boolean id: - description: Unique entry identifier. + description: |- + (String) The ID of this resource. + Unique entry identifier. type: string name: - description: Name of the entry to deploy. + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the entry to deploy. type: string pattern: + description: '(Block List, Max: 1) (see below for nested + schema)' items: properties: regex: - description: The regex that defines the pattern. + description: |- + (String) The regex that defines the pattern. + The regex that defines the pattern. type: string validation: - description: The validation algorithm to apply with - this pattern. + description: |- + (String) The validation algorithm to apply with this pattern. + The validation algorithm to apply with this pattern. type: string - required: - - regex type: object type: array - required: - - name type: object type: array name: - description: Name of the profile. **Modifying this attribute will - force creation of a new resource.** + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the profile. **Modifying this attribute will force creation of a new resource.** type: string type: - description: 'The type of the profile. Available values: `custom`, - `predefined`. **Modifying this attribute will force creation - of a new resource.**' + description: |- + (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. + The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** type: string - required: - - entry - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: |- + (String) Brief summary of the profile and its intended use. + Brief summary of the profile and its intended use. + type: string + entry: + description: |- + (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) + List of entries to apply to the profile. + items: + properties: + enabled: + description: |- + (Boolean) Whether the entry is active. Defaults to false. + Whether the entry is active. Defaults to `false`. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique entry identifier. + type: string + name: + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the entry to deploy. + type: string + pattern: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + regex: + description: |- + (String) The regex that defines the pattern. + The regex that defines the pattern. + type: string + validation: + description: |- + (String) The validation algorithm to apply with this pattern. + The validation algorithm to apply with this pattern. + type: string + type: object + type: array + type: object + type: array + name: + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the profile. **Modifying this attribute will force creation of a new resource.** + type: string + type: + description: |- + (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. + The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -239,21 +401,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -263,17 +425,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -283,21 +447,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -312,21 +476,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -337,14 +502,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -359,12 +525,86 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.entry is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.entry) + || (has(self.initProvider) && has(self.initProvider.entry))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: ProfileStatus defines the observed state of Profile. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + description: + description: |- + (String) Brief summary of the profile and its intended use. + Brief summary of the profile and its intended use. + type: string + entry: + description: |- + (Block Set, Min: 1) List of entries to apply to the profile. (see below for nested schema) + List of entries to apply to the profile. + items: + properties: + enabled: + description: |- + (Boolean) Whether the entry is active. Defaults to false. + Whether the entry is active. Defaults to `false`. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique entry identifier. + type: string + name: + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the entry to deploy. + type: string + pattern: + description: '(Block List, Max: 1) (see below for nested + schema)' + items: + properties: + regex: + description: |- + (String) The regex that defines the pattern. + The regex that defines the pattern. + type: string + validation: + description: |- + (String) The validation algorithm to apply with this pattern. + The validation algorithm to apply with this pattern. + type: string + type: object + type: array + type: object + type: array id: + description: (String) The ID of this resource. + type: string + name: + description: |- + (String) Name of the profile. Modifying this attribute will force creation of a new resource. + Name of the profile. **Modifying this attribute will force creation of a new resource.** + type: string + type: + description: |- + (String) The type of the profile. Available values: custom, predefined. Modifying this attribute will force creation of a new resource. + The type of the profile. Available values: `custom`, `predefined`. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -373,13 +613,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -390,8 +632,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -400,6 +643,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -408,9 +654,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/dns.cloudflare.upbound.io_records.yaml b/package/crds/dns.cloudflare.upbound.io_records.yaml index 6570fe7..9d9518a 100644 --- a/package/crds/dns.cloudflare.upbound.io_records.yaml +++ b/package/crds/dns.cloudflare.upbound.io_records.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: records.dns.cloudflare.upbound.io spec: group: dns.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Record is the Schema for the Records API. + description: Record is the Schema for the Records API. Provides a Cloudflare + record resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,10 +74,14 @@ spec: forProvider: properties: allowOverwrite: - description: Defaults to `false`. + description: |- + false by default. This configuration is not recommended for most environments. + Defaults to `false`. type: boolean data: - description: Conflicts with `value`. + description: |- + Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified + Conflicts with `value`. items: properties: algorithm: @@ -81,6 +95,7 @@ spec: digest: type: string digestType: + description: The type of the record type: number fingerprint: type: string @@ -105,8 +120,10 @@ spec: longSeconds: type: number matchingType: + description: The type of the record type: number name: + description: The name of the record type: string order: type: number @@ -119,6 +136,7 @@ spec: preference: type: number priority: + description: The priority of the record type: number proto: type: string @@ -141,35 +159,47 @@ spec: target: type: string type: + description: The type of the record type: number usage: type: number value: + description: The (string) value of the record. Either this + or data must be specified type: string weight: type: number type: object type: array name: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The name of the record + **Modifying this attribute will force creation of a new resource.** type: string priority: + description: The priority of the record type: number proxied: + description: Whether the record gets Cloudflare's origin protection; + defaults to false. type: boolean ttl: + description: 'The TTL of the record (automatic: ''1'')' type: number type: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The type of the record + **Modifying this attribute will force creation of a new resource.** type: string value: - description: Conflicts with `data`. + description: |- + The (string) value of the record. Either this or data must be specified + Conflicts with `data`. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to add the record to + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -182,21 +212,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -209,8 +239,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -223,73 +254,278 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + allowOverwrite: + description: |- + false by default. This configuration is not recommended for most environments. + Defaults to `false`. + type: boolean + data: + description: |- + Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified + Conflicts with `value`. + items: + properties: + algorithm: + type: number + altitude: + type: number + certificate: + type: string + content: + type: string + digest: + type: string + digestType: + description: The type of the record + type: number + fingerprint: + type: string + flags: + type: string + keyTag: + type: number + latDegrees: + type: number + latDirection: + type: string + latMinutes: + type: number + latSeconds: + type: number + longDegrees: + type: number + longDirection: + type: string + longMinutes: + type: number + longSeconds: + type: number + matchingType: + description: The type of the record + type: number + name: + description: The name of the record + type: string + order: + type: number + port: + type: number + precisionHorz: + type: number + precisionVert: + type: number + preference: + type: number + priority: + description: The priority of the record + type: number + proto: + type: string + protocol: + type: number + publicKey: + type: string + regex: + type: string + replacement: + type: string + selector: + type: number + service: + type: string + size: + type: number + tag: + type: string + target: + type: string + type: + description: The type of the record + type: number + usage: + type: number + value: + description: The (string) value of the record. Either this + or data must be specified + type: string + weight: + type: number + type: object + type: array name: - description: Name of the referenced object. + description: |- + The name of the record + **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + priority: + description: The priority of the record + type: number + proxied: + description: Whether the record gets Cloudflare's origin protection; + defaults to false. + type: boolean + ttl: + description: 'The TTL of the record (automatic: ''1'')' + type: number + type: + description: |- + The type of the record + **Modifying this attribute will force creation of a new resource.** + type: string + value: + description: |- + The (string) value of the record. Either this or data must be specified + Conflicts with `data`. + type: string + zoneId: + description: |- + The DNS zone ID to add the record to + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -299,21 +535,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -323,17 +559,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -343,21 +581,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -372,21 +610,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -397,14 +636,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -419,25 +659,172 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: RecordStatus defines the observed state of Record. properties: atProvider: properties: + allowOverwrite: + description: |- + false by default. This configuration is not recommended for most environments. + Defaults to `false`. + type: boolean createdOn: + description: The RFC3339 timestamp of when the record was created type: string + data: + description: |- + Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or value must be specified + Conflicts with `value`. + items: + properties: + algorithm: + type: number + altitude: + type: number + certificate: + type: string + content: + type: string + digest: + type: string + digestType: + description: The type of the record + type: number + fingerprint: + type: string + flags: + type: string + keyTag: + type: number + latDegrees: + type: number + latDirection: + type: string + latMinutes: + type: number + latSeconds: + type: number + longDegrees: + type: number + longDirection: + type: string + longMinutes: + type: number + longSeconds: + type: number + matchingType: + description: The type of the record + type: number + name: + description: The name of the record + type: string + order: + type: number + port: + type: number + precisionHorz: + type: number + precisionVert: + type: number + preference: + type: number + priority: + description: The priority of the record + type: number + proto: + type: string + protocol: + type: number + publicKey: + type: string + regex: + type: string + replacement: + type: string + selector: + type: number + service: + type: string + size: + type: number + tag: + type: string + target: + type: string + type: + description: The type of the record + type: number + usage: + type: number + value: + description: The (string) value of the record. Either this + or data must be specified + type: string + weight: + type: number + type: object + type: array hostname: + description: The FQDN of the record type: string id: + description: The record ID type: string metadata: additionalProperties: type: string + description: A key-value map of string metadata Cloudflare associates + with the record type: object + x-kubernetes-map-type: granular modifiedOn: + description: The RFC3339 timestamp of when the record was last + modified type: string + name: + description: |- + The name of the record + **Modifying this attribute will force creation of a new resource.** + type: string + priority: + description: The priority of the record + type: number proxiable: + description: Shows whether this record can be proxied, must be + true if setting proxied=true + type: boolean + proxied: + description: Whether the record gets Cloudflare's origin protection; + defaults to false. type: boolean + ttl: + description: 'The TTL of the record (automatic: ''1'')' + type: number + type: + description: |- + The type of the record + **Modifying this attribute will force creation of a new resource.** + type: string + value: + description: |- + The (string) value of the record. Either this or data must be specified + Conflicts with `data`. + type: string + zoneId: + description: |- + The DNS zone ID to add the record to + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -445,13 +832,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -462,8 +851,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -472,6 +862,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -480,9 +873,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/emailrouting.cloudflare.upbound.io_addresses.yaml b/package/crds/emailrouting.cloudflare.upbound.io_addresses.yaml index a8a5b22..eee5df5 100644 --- a/package/crds/emailrouting.cloudflare.upbound.io_addresses.yaml +++ b/package/crds/emailrouting.cloudflare.upbound.io_addresses.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: addresses.emailrouting.cloudflare.upbound.io spec: group: emailrouting.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Address is the Schema for the Addresss API. + description: Address is the Schema for the Addresss API. Provides a resource + for managing Email Routing Addresses. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,54 +153,143 @@ spec: type: object type: object email: - description: The contact email address of the user. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + The contact email address of the user. **Modifying this attribute will force creation of a new resource.** type: string - required: - - email type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + email: + description: |- + (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + The contact email address of the user. **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -198,21 +299,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -222,17 +323,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -242,21 +345,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -271,21 +374,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -296,14 +400,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -318,27 +423,48 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.email is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.email) + || (has(self.initProvider) && has(self.initProvider.email))' status: description: AddressStatus defines the observed state of Address. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string created: - description: The date and time the destination address has been - created. + description: |- + (String) The date and time the destination address has been created. + The date and time the destination address has been created. + type: string + email: + description: |- + (String) The contact email address of the user. Modifying this attribute will force creation of a new resource. + The contact email address of the user. **Modifying this attribute will force creation of a new resource.** type: string id: + description: (String) The ID of this resource. type: string modified: - description: The date and time the destination address was last - modified. + description: |- + (String) The date and time the destination address was last modified. + The date and time the destination address was last modified. type: string tag: - description: Destination address identifier. + description: |- + (String) Destination address identifier. + Destination address identifier. type: string verified: - description: The date and time the destination address has been - verified. Null means not verified yet. + description: |- + (String) The date and time the destination address has been verified. Null means not verified yet. + The date and time the destination address has been verified. Null means not verified yet. type: string type: object conditions: @@ -347,13 +473,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -364,8 +492,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -374,6 +503,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -382,9 +514,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/emailrouting.cloudflare.upbound.io_catchalls.yaml b/package/crds/emailrouting.cloudflare.upbound.io_catchalls.yaml index 26d0409..13c3678 100644 --- a/package/crds/emailrouting.cloudflare.upbound.io_catchalls.yaml +++ b/package/crds/emailrouting.cloudflare.upbound.io_catchalls.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: catchalls.emailrouting.cloudflare.upbound.io spec: group: emailrouting.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: CatchAll is the Schema for the CatchAlls API. + description: CatchAll is the Schema for the CatchAlls API. Provides a resource + for managing Email Routing Addresses catch all behaviour. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,42 +74,52 @@ spec: forProvider: properties: action: - description: List actions patterns. + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. items: properties: type: - description: 'Type of supported action. Available values: - `drop`, `forward`, `worker`.' + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of supported action. Available values: `drop`, `forward`, `worker`. type: string value: - description: A list with items in the following form. + description: |- + (List of String) A list with items in the following form. + A list with items in the following form. items: type: string type: array - required: - - type - - value type: object type: array enabled: - description: Routing rule status. + description: |- + (Boolean) Routing rule status. + Routing rule status. type: boolean matcher: - description: Matching patterns to forward to your actions. + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. items: properties: type: - description: 'Type of matcher. Available values: `all`.' + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of matcher. Available values: `all`. type: string - required: - - type type: object type: array name: - description: Routing rule name. + description: |- + (String) Routing rule name. + Routing rule name. type: string zoneId: - description: The zone identifier to target for the resource. + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -112,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -139,8 +159,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -153,74 +174,198 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - action - - matcher - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + action: + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. + items: + properties: + type: + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of supported action. Available values: `drop`, `forward`, `worker`. + type: string + value: + description: |- + (List of String) A list with items in the following form. + A list with items in the following form. + items: + type: string + type: array + type: object + type: array + enabled: + description: |- + (Boolean) Routing rule status. + Routing rule status. + type: boolean + matcher: + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. + items: + properties: + type: + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of matcher. Available values: `all`. + type: string + type: object + type: array name: - description: Name of the referenced object. + description: |- + (String) Routing rule name. + Routing rule name. type: string - policy: - description: Policies for referencing. + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -230,21 +375,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -254,17 +399,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -274,21 +421,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -303,21 +450,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -328,14 +476,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -350,15 +499,79 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.action is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.action) + || (has(self.initProvider) && has(self.initProvider.action))' + - message: spec.forProvider.matcher is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.matcher) + || (has(self.initProvider) && has(self.initProvider.matcher))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: CatchAllStatus defines the observed state of CatchAll. properties: atProvider: properties: + action: + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. + items: + properties: + type: + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of supported action. Available values: `drop`, `forward`, `worker`. + type: string + value: + description: |- + (List of String) A list with items in the following form. + A list with items in the following form. + items: + type: string + type: array + type: object + type: array + enabled: + description: |- + (Boolean) Routing rule status. + Routing rule status. + type: boolean id: + description: (String) The ID of this resource. + type: string + matcher: + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. + items: + properties: + type: + description: |- + (String) Type of supported action. Available values: drop, forward, worker. + Type of matcher. Available values: `all`. + type: string + type: object + type: array + name: + description: |- + (String) Routing rule name. + Routing rule name. type: string tag: - description: Routing rule identifier. + description: |- + (String) Routing rule identifier. + Routing rule identifier. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string type: object conditions: @@ -367,13 +580,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -384,8 +599,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -394,6 +610,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -402,9 +621,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/emailrouting.cloudflare.upbound.io_rules.yaml b/package/crds/emailrouting.cloudflare.upbound.io_rules.yaml index 8aa599a..3315957 100644 --- a/package/crds/emailrouting.cloudflare.upbound.io_rules.yaml +++ b/package/crds/emailrouting.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.emailrouting.cloudflare.upbound.io spec: group: emailrouting.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Provides a resource for + managing Email Routing rules. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,50 +74,67 @@ spec: forProvider: properties: action: - description: List actions patterns. + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. items: properties: type: - description: Type of supported action. + description: |- + (String) Type of supported action. + Type of supported action. type: string value: - description: An array with items in the following form. + description: |- + (List of String) An array with items in the following form. + An array with items in the following form. items: type: string type: array - required: - - type - - value type: object type: array enabled: - description: Routing rule status. + description: |- + (Boolean) Routing rule status. + Routing rule status. type: boolean matcher: - description: Matching patterns to forward to your actions. + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. items: properties: field: - description: Field for type matcher. + description: |- + (String) Field for type matcher. + Field for type matcher. type: string type: - description: Type of matcher. + description: |- + (String) Type of supported action. + Type of matcher. type: string value: - description: Value for matcher. + description: |- + (List of String) An array with items in the following form. + Value for matcher. type: string - required: - - type type: object type: array name: - description: Routing rule name. + description: |- + (String) Routing rule name. + Routing rule name. type: string priority: - description: Priority of the routing rule. + description: |- + (Number) Priority of the routing rule. + Priority of the routing rule. type: number zoneId: - description: The zone identifier to target for the resource. + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -120,21 +147,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -147,8 +174,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -161,74 +189,213 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - action - - matcher - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + action: + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. + items: + properties: + type: + description: |- + (String) Type of supported action. + Type of supported action. + type: string + value: + description: |- + (List of String) An array with items in the following form. + An array with items in the following form. + items: + type: string + type: array + type: object + type: array + enabled: + description: |- + (Boolean) Routing rule status. + Routing rule status. + type: boolean + matcher: + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. + items: + properties: + field: + description: |- + (String) Field for type matcher. + Field for type matcher. + type: string + type: + description: |- + (String) Type of supported action. + Type of matcher. + type: string + value: + description: |- + (List of String) An array with items in the following form. + Value for matcher. + type: string + type: object + type: array name: - description: Name of the referenced object. + description: |- + (String) Routing rule name. + Routing rule name. type: string - policy: - description: Policies for referencing. + priority: + description: |- + (Number) Priority of the routing rule. + Priority of the routing rule. + type: number + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -238,21 +405,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -262,17 +429,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -282,21 +451,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -311,21 +480,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -336,14 +506,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -358,15 +529,94 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.action is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.action) + || (has(self.initProvider) && has(self.initProvider.action))' + - message: spec.forProvider.matcher is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.matcher) + || (has(self.initProvider) && has(self.initProvider.matcher))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: + action: + description: |- + (Block Set, Min: 1) List actions patterns. (see below for nested schema) + List actions patterns. + items: + properties: + type: + description: |- + (String) Type of supported action. + Type of supported action. + type: string + value: + description: |- + (List of String) An array with items in the following form. + An array with items in the following form. + items: + type: string + type: array + type: object + type: array + enabled: + description: |- + (Boolean) Routing rule status. + Routing rule status. + type: boolean id: + description: (String) The ID of this resource. type: string + matcher: + description: |- + (Block Set, Min: 1) Matching patterns to forward to your actions. (see below for nested schema) + Matching patterns to forward to your actions. + items: + properties: + field: + description: |- + (String) Field for type matcher. + Field for type matcher. + type: string + type: + description: |- + (String) Type of supported action. + Type of matcher. + type: string + value: + description: |- + (List of String) An array with items in the following form. + Value for matcher. + type: string + type: object + type: array + name: + description: |- + (String) Routing rule name. + Routing rule name. + type: string + priority: + description: |- + (Number) Priority of the routing rule. + Priority of the routing rule. + type: number tag: - description: Routing rule identifier. + description: |- + (String) Routing rule identifier. + Routing rule identifier. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string type: object conditions: @@ -375,13 +625,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -392,8 +644,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -402,6 +655,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -410,9 +666,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/emailrouting.cloudflare.upbound.io_settings.yaml b/package/crds/emailrouting.cloudflare.upbound.io_settings.yaml index 84272df..53b22a6 100644 --- a/package/crds/emailrouting.cloudflare.upbound.io_settings.yaml +++ b/package/crds/emailrouting.cloudflare.upbound.io_settings.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: settings.emailrouting.cloudflare.upbound.io spec: group: emailrouting.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Settings is the Schema for the Settingss API. + description: Settings is the Schema for the Settingss API. Provides a resource + for managing Email Routing settings. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,16 +74,19 @@ spec: forProvider: properties: enabled: - description: State of the zone settings for Email Routing. **Modifying - this attribute will force creation of a new resource.** + description: |- + (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** type: boolean skipWizard: - description: Flag to check if the user skipped the configuration - wizard. + description: |- + (Boolean) Flag to check if the user skipped the configuration wizard. + Flag to check if the user skipped the configuration wizard. type: boolean zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -86,21 +99,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -113,8 +126,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -127,72 +141,165 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - enabled type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + enabled: + description: |- + (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** + type: boolean + skipWizard: + description: |- + (Boolean) Flag to check if the user skipped the configuration wizard. + Flag to check if the user skipped the configuration wizard. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -202,21 +309,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -226,17 +333,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -246,21 +355,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -275,21 +384,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -300,14 +410,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -322,28 +433,58 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' status: description: SettingsStatus defines the observed state of Settings. properties: atProvider: properties: created: - description: The date and time the settings have been created. + description: |- + (String) The date and time the settings have been created. + The date and time the settings have been created. type: string + enabled: + description: |- + (Boolean) State of the zone settings for Email Routing. Modifying this attribute will force creation of a new resource. + State of the zone settings for Email Routing. **Modifying this attribute will force creation of a new resource.** + type: boolean id: + description: (String) The ID of this resource. type: string modified: - description: The date and time the settings have been modified. + description: |- + (String) The date and time the settings have been modified. + The date and time the settings have been modified. type: string name: - description: Domain of your zone. + description: |- + (String) Domain of your zone. + Domain of your zone. type: string + skipWizard: + description: |- + (Boolean) Flag to check if the user skipped the configuration wizard. + Flag to check if the user skipped the configuration wizard. + type: boolean status: - description: Show the state of your account, and the type or configuration - error. + description: |- + (String) Show the state of your account, and the type or configuration error. + Show the state of your account, and the type or configuration error. type: string tag: - description: Email Routing settings identifier. + description: |- + (String) Email Routing settings identifier. + Email Routing settings identifier. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -352,13 +493,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -369,8 +512,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -379,6 +523,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -387,9 +534,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/filters.cloudflare.upbound.io_filters.yaml b/package/crds/filters.cloudflare.upbound.io_filters.yaml index 325b5db..8a64df6 100644 --- a/package/crds/filters.cloudflare.upbound.io_filters.yaml +++ b/package/crds/filters.cloudflare.upbound.io_filters.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: filters.filters.cloudflare.upbound.io spec: group: filters.cloudflare.upbound.io @@ -35,17 +34,25 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Filter is the Schema for the Filters API. + description: Filter is the Schema for the Filters API. Filter expressions + that can be referenced across multiple features, e.g. Firewall Rules. See + what is a filter https://developers.cloudflare.com/firewall/api/cf-filters/what-is-a-filter/ + for more details and available fields and operators. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +61,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,21 +76,29 @@ spec: forProvider: properties: description: - description: A note that you can use to describe the purpose of - the filter. + description: |- + (String) A note that you can use to describe the purpose of the filter. + A note that you can use to describe the purpose of the filter. type: string expression: - description: The filter expression to be used. + description: |- + (String) The filter expression to be used. + The filter expression to be used. type: string paused: - description: Whether this filter is currently paused. + description: |- + (Boolean) Whether this filter is currently paused. + Whether this filter is currently paused. type: boolean ref: - description: Short reference tag to quickly select related rules. + description: |- + (String) Short reference tag to quickly select related rules. + Short reference tag to quickly select related rules. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -91,21 +111,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -118,8 +138,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -132,72 +153,175 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - expression type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + description: + description: |- + (String) A note that you can use to describe the purpose of the filter. + A note that you can use to describe the purpose of the filter. type: string - policy: - description: Policies for referencing. + expression: + description: |- + (String) The filter expression to be used. + The filter expression to be used. + type: string + paused: + description: |- + (Boolean) Whether this filter is currently paused. + Whether this filter is currently paused. + type: boolean + ref: + description: |- + (String) Short reference tag to quickly select related rules. + Short reference tag to quickly select related rules. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -207,21 +331,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -231,17 +355,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -251,21 +377,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -280,21 +406,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -305,14 +432,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -327,12 +455,43 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.expression is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.expression) + || (has(self.initProvider) && has(self.initProvider.expression))' status: description: FilterStatus defines the observed state of Filter. properties: atProvider: properties: + description: + description: |- + (String) A note that you can use to describe the purpose of the filter. + A note that you can use to describe the purpose of the filter. + type: string + expression: + description: |- + (String) The filter expression to be used. + The filter expression to be used. + type: string id: + description: (String) The ID of this resource. + type: string + paused: + description: |- + (Boolean) Whether this filter is currently paused. + Whether this filter is currently paused. + type: boolean + ref: + description: |- + (String) Short reference tag to quickly select related rules. + Short reference tag to quickly select related rules. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -341,13 +500,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -358,8 +519,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -368,6 +530,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -376,9 +541,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/firewall.cloudflare.upbound.io_rules.yaml b/package/crds/firewall.cloudflare.upbound.io_rules.yaml index 733498b..8138b2c 100644 --- a/package/crds/firewall.cloudflare.upbound.io_rules.yaml +++ b/package/crds/firewall.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.firewall.cloudflare.upbound.io spec: group: firewall.cloudflare.upbound.io @@ -35,17 +34,26 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Define Firewall rules using + filter expressions for more control over how traffic is matched to the rule. + A filter expression permits selecting traffic by multiple criteria allowing + greater freedom in rule creation. Filter expressions needs to be created + first before using Firewall Rule. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,16 +77,19 @@ spec: forProvider: properties: action: - description: 'The action to apply to a matched request. Available - values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, - `log`, `bypass`.' + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. + The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. type: string description: - description: A description of the rule to help identify it. + description: |- + (String) A description of the rule to help identify it. + A description of the rule to help identify it. type: string filterId: - description: The identifier of the Filter to use for determining - if the Firewall Rule should be triggered. + description: |- + (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + The identifier of the Filter to use for determining if the Firewall Rule should be triggered. type: string filterIdRef: description: Reference to a Filter in filters to populate filterId. @@ -86,21 +102,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -113,8 +129,9 @@ spec: description: Selector for a Filter in filters to populate filterId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -127,21 +144,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -149,24 +166,27 @@ spec: type: object type: object paused: - description: Whether this filter based firewall rule is currently - paused. + description: |- + (Boolean) Whether this filter based firewall rule is currently paused. + Whether this filter based firewall rule is currently paused. type: boolean priority: - description: The priority of the rule to allow control of processing - order. A lower number indicates high priority. If not provided, - any rules with a priority will be sequenced before those without. + description: |- + (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. type: number products: - description: 'List of products to bypass for a request when the - bypass action is used. Available values: `zoneLockdown`, `uaBlock`, - `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`.' + description: |- + (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. + List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. items: type: string type: array + x-kubernetes-list-type: set zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -179,21 +199,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -206,8 +226,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -220,72 +241,262 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - action type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + action: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. + The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. type: string - policy: - description: Policies for referencing. + description: + description: |- + (String) A description of the rule to help identify it. + A description of the rule to help identify it. + type: string + filterId: + description: |- + (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + type: string + filterIdRef: + description: Reference to a Filter in filters to populate filterId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + filterIdSelector: + description: Selector for a Filter in filters to populate filterId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + paused: + description: |- + (Boolean) Whether this filter based firewall rule is currently paused. + Whether this filter based firewall rule is currently paused. + type: boolean + priority: + description: |- + (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + type: number + products: + description: |- + (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. + List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. + items: + type: string + type: array + x-kubernetes-list-type: set + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -295,21 +506,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -319,17 +530,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -339,21 +552,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -368,21 +581,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -393,14 +607,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -415,12 +630,56 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.action is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.action) + || (has(self.initProvider) && has(self.initProvider.action))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: + action: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, allow, js_challenge, managed_challenge, log, bypass. + The action to apply to a matched request. Available values: `block`, `challenge`, `allow`, `js_challenge`, `managed_challenge`, `log`, `bypass`. + type: string + description: + description: |- + (String) A description of the rule to help identify it. + A description of the rule to help identify it. + type: string + filterId: + description: |- + (String) The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + The identifier of the Filter to use for determining if the Firewall Rule should be triggered. + type: string id: + description: (String) The ID of this resource. + type: string + paused: + description: |- + (Boolean) Whether this filter based firewall rule is currently paused. + Whether this filter based firewall rule is currently paused. + type: boolean + priority: + description: |- + (Number) The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without. + type: number + products: + description: |- + (Set of String) List of products to bypass for a request when the bypass action is used. Available values: zoneLockdown, uaBlock, bic, hot, securityLevel, rateLimit, waf. + List of products to bypass for a request when the bypass action is used. Available values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`. + items: + type: string + type: array + x-kubernetes-list-type: set + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -429,13 +688,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -446,8 +707,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -456,6 +718,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -464,9 +729,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/lists.cloudflare.upbound.io_iplists.yaml b/package/crds/lists.cloudflare.upbound.io_iplists.yaml index 5335976..e7bf63e 100644 --- a/package/crds/lists.cloudflare.upbound.io_iplists.yaml +++ b/package/crds/lists.cloudflare.upbound.io_iplists.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: iplists.lists.cloudflare.upbound.io spec: group: lists.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: IPList is the Schema for the IPLists API. + description: IPList is the Schema for the IPLists API. Provides IP Lists to + be used in Firewall Rules across all zones within the same account. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The ID of the account where the IP List is being created. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,70 +153,181 @@ spec: type: object type: object description: + description: 'A note that can be used to annotate the List. Maximum + Length: 500' type: string item: items: properties: comment: + description: A note that can be used to annotate the item. type: string value: + description: The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 + CIDRs are limited to a maximum of /64. type: string - required: - - value type: object type: array kind: + description: 'The kind of values in the List. Valid values: ip.' type: string name: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 + **Modifying this attribute will force creation of a new resource.** type: string - required: - - kind - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The ID of the account where the IP List is being created. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: 'A note that can be used to annotate the List. Maximum + Length: 500' + type: string + item: + items: + properties: + comment: + description: A note that can be used to annotate the item. + type: string + value: + description: The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 + CIDRs are limited to a maximum of /64. + type: string + type: object + type: array + kind: + description: 'The kind of values in the List. Valid values: ip.' + type: string + name: + description: |- + The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 + **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -213,21 +337,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -237,17 +361,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -257,21 +383,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -286,21 +412,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -311,14 +438,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -333,13 +461,51 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.kind is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.kind) + || (has(self.initProvider) && has(self.initProvider.kind))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: IPListStatus defines the observed state of IPList. properties: atProvider: properties: + accountId: + description: |- + The ID of the account where the IP List is being created. + The account identifier to target for the resource. + type: string + description: + description: 'A note that can be used to annotate the List. Maximum + Length: 500' + type: string id: type: string + item: + items: + properties: + comment: + description: A note that can be used to annotate the item. + type: string + value: + description: The IPv4 address, IPv4 CIDR or IPv6 CIDR. IPv6 + CIDRs are limited to a maximum of /64. + type: string + type: object + type: array + kind: + description: 'The kind of values in the List. Valid values: ip.' + type: string + name: + description: |- + The name of the list (used in filter expressions). Valid pattern: ^[a-zA-Z0-9_]+$. Maximum Length: 50 + **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -347,13 +513,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -364,8 +532,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -374,6 +543,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -382,9 +554,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/lists.cloudflare.upbound.io_lists.yaml b/package/crds/lists.cloudflare.upbound.io_lists.yaml index 8a7562f..2af1dc7 100644 --- a/package/crds/lists.cloudflare.upbound.io_lists.yaml +++ b/package/crds/lists.cloudflare.upbound.io_lists.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: lists.lists.cloudflare.upbound.io spec: group: lists.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: List is the Schema for the Lists API. + description: List is the Schema for the Lists API. Provides Lists (IPs, Redirects) + to be used in Edge Rules Engine across all zones within the same account. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,116 +153,287 @@ spec: type: object type: object description: - description: An optional description of the list. + description: |- + (String) An optional description of the list. + An optional description of the list. type: string item: + description: (Block Set) (see below for nested schema) items: properties: comment: - description: An optional comment for the item. + description: |- + (String) An optional comment for the item. + An optional comment for the item. type: string value: + description: '(Block List, Min: 1, Max: 1) (see below for + nested schema)' items: properties: ip: + description: (String) type: string redirect: + description: (Block List) (see below for nested schema) items: properties: includeSubdomains: - description: 'Whether the redirect also matches - subdomains of the source url. Available values: - `disabled`, `enabled`.' + description: |- + (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. + Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. type: string preservePathSuffix: - description: 'Whether to preserve the path suffix - when doing subpath matching. Available values: - `disabled`, `enabled`.' + description: |- + (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. + Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. type: string preserveQueryString: - description: 'Whether the redirect target url - should keep the query string of the request''s - url. Available values: `disabled`, `enabled`.' + description: |- + (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. + Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. type: string sourceUrl: - description: The source url of the redirect. + description: |- + (String) The source url of the redirect. + The source url of the redirect. type: string statusCode: - description: The status code to be used when - redirecting a request. + description: |- + (Number) The status code to be used when redirecting a request. + The status code to be used when redirecting a request. type: number subpathMatching: - description: 'Whether the redirect also matches - subpaths of the source url. Available values: - `disabled`, `enabled`.' + description: |- + (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. + Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. type: string targetUrl: - description: The target url of the redirect. + description: |- + (String) The target url of the redirect. + The target url of the redirect. type: string - required: - - sourceUrl - - targetUrl type: object type: array type: object type: array - required: - - value type: object type: array kind: - description: The type of items the list will contain. + description: |- + (String) The type of items the list will contain. + The type of items the list will contain. type: string name: - description: The name of the list. **Modifying this attribute - will force creation of a new resource.** + description: |- + (String) The name of the list. Modifying this attribute will force creation of a new resource. + The name of the list. **Modifying this attribute will force creation of a new resource.** type: string - required: - - kind - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: |- + (String) An optional description of the list. + An optional description of the list. + type: string + item: + description: (Block Set) (see below for nested schema) + items: + properties: + comment: + description: |- + (String) An optional comment for the item. + An optional comment for the item. + type: string + value: + description: '(Block List, Min: 1, Max: 1) (see below for + nested schema)' + items: + properties: + ip: + description: (String) + type: string + redirect: + description: (Block List) (see below for nested schema) + items: + properties: + includeSubdomains: + description: |- + (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. + Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. + type: string + preservePathSuffix: + description: |- + (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. + Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. + type: string + preserveQueryString: + description: |- + (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. + Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. + type: string + sourceUrl: + description: |- + (String) The source url of the redirect. + The source url of the redirect. + type: string + statusCode: + description: |- + (Number) The status code to be used when redirecting a request. + The status code to be used when redirecting a request. + type: number + subpathMatching: + description: |- + (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. + Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. + type: string + targetUrl: + description: |- + (String) The target url of the redirect. + The target url of the redirect. + type: string + type: object + type: array + type: object + type: array + type: object + type: array + kind: + description: |- + (String) The type of items the list will contain. + The type of items the list will contain. + type: string + name: + description: |- + (String) The name of the list. Modifying this attribute will force creation of a new resource. + The name of the list. **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -259,21 +443,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -283,17 +467,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -303,21 +489,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -332,21 +518,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -357,14 +544,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -379,12 +567,104 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.kind is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.kind) + || (has(self.initProvider) && has(self.initProvider.kind))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: ListStatus defines the observed state of List. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + description: + description: |- + (String) An optional description of the list. + An optional description of the list. + type: string id: + description: (String) The ID of this resource. + type: string + item: + description: (Block Set) (see below for nested schema) + items: + properties: + comment: + description: |- + (String) An optional comment for the item. + An optional comment for the item. + type: string + value: + description: '(Block List, Min: 1, Max: 1) (see below for + nested schema)' + items: + properties: + ip: + description: (String) + type: string + redirect: + description: (Block List) (see below for nested schema) + items: + properties: + includeSubdomains: + description: |- + (String) Whether the redirect also matches subdomains of the source url. Available values: disabled, enabled. + Whether the redirect also matches subdomains of the source url. Available values: `disabled`, `enabled`. + type: string + preservePathSuffix: + description: |- + (String) Whether to preserve the path suffix when doing subpath matching. Available values: disabled, enabled. + Whether to preserve the path suffix when doing subpath matching. Available values: `disabled`, `enabled`. + type: string + preserveQueryString: + description: |- + (String) Whether the redirect target url should keep the query string of the request's url. Available values: disabled, enabled. + Whether the redirect target url should keep the query string of the request's url. Available values: `disabled`, `enabled`. + type: string + sourceUrl: + description: |- + (String) The source url of the redirect. + The source url of the redirect. + type: string + statusCode: + description: |- + (Number) The status code to be used when redirecting a request. + The status code to be used when redirecting a request. + type: number + subpathMatching: + description: |- + (String) Whether the redirect also matches subpaths of the source url. Available values: disabled, enabled. + Whether the redirect also matches subpaths of the source url. Available values: `disabled`, `enabled`. + type: string + targetUrl: + description: |- + (String) The target url of the redirect. + The target url of the redirect. + type: string + type: object + type: array + type: object + type: array + type: object + type: array + kind: + description: |- + (String) The type of items the list will contain. + The type of items the list will contain. + type: string + name: + description: |- + (String) The name of the list. Modifying this attribute will force creation of a new resource. + The name of the list. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -393,13 +673,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -410,8 +692,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -420,6 +703,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -428,9 +714,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/loadbalancer.cloudflare.upbound.io_loadbalancers.yaml b/package/crds/loadbalancer.cloudflare.upbound.io_loadbalancers.yaml index 9714796..eba9f3f 100644 --- a/package/crds/loadbalancer.cloudflare.upbound.io_loadbalancers.yaml +++ b/package/crds/loadbalancer.cloudflare.upbound.io_loadbalancers.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: loadbalancers.loadbalancer.cloudflare.upbound.io spec: group: loadbalancer.cloudflare.upbound.io @@ -35,17 +34,26 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: LoadBalancer is the Schema for the LoadBalancers API. + description: LoadBalancer is the Schema for the LoadBalancers API. Provides + a Cloudflare Load Balancer resource. This sits in front of a number of defined + pools of origins and provides various options for geographically-aware load + balancing. Note that the load balancing feature must be enabled in your + Cloudflare account before you can use this resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,36 +77,33 @@ spec: forProvider: properties: adaptiveRouting: - description: Controls features that modify the routing of requests - to pools and origins in response to dynamic conditions, such - as during the interval between active health monitoring requests. + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. items: properties: failoverAcrossPools: - description: Extends zero-downtime failover of requests - to healthy origins from alternate pools, when no healthy - alternate exists in the same pool, according to the failover - order defined by traffic and origin steering. When set - `false`, zero-downtime failover will only occur between - origins within the same pool. Defaults to `false`. + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. type: boolean type: object type: array countryPools: - description: A set containing mappings of country codes to a list - of pool IDs (ordered by their failover priority) for the given - country. + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. items: properties: country: - description: A country code which can be determined with - the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). - Multiple entries should not be specified with the same - country. + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. type: string poolIds: - description: A list of pool IDs in failover priority to - use in the given country. + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given country. items: type: string type: array @@ -110,23 +120,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference - only when the corresponding field is not present. - Use 'Always' to resolve the reference on every - reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,9 +148,9 @@ spec: description: Selector for a list of Pool to populate poolIds. properties: matchControllerRef: - description: MatchControllerRef ensures an object with - the same controller reference as the selecting object - is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -155,36 +163,901 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object + type: object + type: array + defaultPoolIds: + description: |- + (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. + items: + type: string + type: array + defaultPoolIdsRefs: + description: References to Pool to populate defaultPoolIds. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object required: - - country + - name + type: object + type: array + defaultPoolIdsSelector: + description: Selector for a list of Pool to populate defaultPoolIds. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: |- + (String) Free text description. + Free text description. + type: string + enabled: + description: |- + (Boolean) Enable or disable the load balancer. Defaults to true. + Enable or disable the load balancer. Defaults to `true`. + type: boolean + fallbackPoolId: + description: |- + (String) The pool ID to use when all other pools are detected as unhealthy. + The pool ID to use when all other pools are detected as unhealthy. + type: string + fallbackPoolIdRef: + description: Reference to a Pool to populate fallbackPoolId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + fallbackPoolIdSelector: + description: Selector for a Pool to populate fallbackPoolId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + locationStrategy: + description: |- + based steering for non-proxied requests. (see below for nested schema) + Controls location-based steering for non-proxied requests. + items: + properties: + mode: + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. + type: string + preferEcs: + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. + type: string + type: object + type: array + name: + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + type: string + popPools: + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use for traffic reaching the given PoP. + items: + type: string + type: array + poolIdsRefs: + description: References to Pool to populate poolIds. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + poolIdsSelector: + description: Selector for a list of Pool to populate poolIds. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + pop: + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. + type: string + type: object + type: array + proxied: + description: |- + (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. + type: boolean + randomSteering: + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. + items: + properties: + defaultWeight: + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. + type: number + poolWeights: + additionalProperties: + type: number + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + type: object + x-kubernetes-map-type: granular + type: object + type: array + regionPools: + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given region. + items: + type: string + type: array + poolIdsRefs: + description: References to Pool to populate poolIds. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + poolIdsSelector: + description: Selector for a list of Pool to populate poolIds. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + region: + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. + type: string + type: object + type: array + rules: + description: |- + (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + A list of rules for this load balancer to execute. + items: + properties: + condition: + description: |- + (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). + type: string + disabled: + description: |- + (Boolean) A disabled rule will not be executed. + A disabled rule will not be executed. + type: boolean + fixedResponse: + description: |- + (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + items: + properties: + contentType: + description: |- + type header for this fixed response. + The value of the HTTP context-type header for this fixed response. + type: string + location: + description: |- + (String) The value of the HTTP location header for this fixed response. + The value of the HTTP location header for this fixed response. + type: string + messageBody: + description: |- + (String) The text used as the html body for this fixed response. + The text used as the html body for this fixed response. + type: string + statusCode: + description: |- + (Number) The HTTP status code used for this fixed response. + The HTTP status code used for this fixed response. + type: number + type: object + type: array + name: + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + Human readable name for this rule. + type: string + overrides: + description: |- + (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + items: + properties: + adaptiveRouting: + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + See [`adaptive_routing`](#adaptive_routing). + items: + properties: + failoverAcrossPools: + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + See [`failover_across_pools`](#failover_across_pools). + type: boolean + type: object + type: array + countryPools: + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + See [`country_pools`](#country_pools). + items: + properties: + country: + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + See [`country`](#country). + type: string + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + type: object + type: array + defaultPools: + description: |- + (List of String) See default_pool_ids. + See [`default_pool_ids`](#default_pool_ids). + items: + type: string + type: array + fallbackPool: + description: |- + (String) See fallback_pool_id. + See [`fallback_pool_id`](#fallback_pool_id). + type: string + locationStrategy: + description: |- + based steering for non-proxied requests. (see below for nested schema) + See [`location_strategy`](#location_strategy). + items: + properties: + mode: + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + See [`mode`](#mode). + type: string + preferEcs: + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + See [`prefer_ecs`](#prefer_ecs). + type: string + type: object + type: array + popPools: + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + See [`pop_pools`](#pop_pools). + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + pop: + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + See [`pop`](#pop). + type: string + type: object + type: array + randomSteering: + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + See [`random_steering`](#random_steering). + items: + properties: + defaultWeight: + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + See [`default_weight`](#default_weight). + type: number + poolWeights: + additionalProperties: + type: number + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + See [`pool_weights`](#pool_weights). + type: object + x-kubernetes-map-type: granular + type: object + type: array + regionPools: + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + See [`region_pools`](#region_pools). + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + region: + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + See [`region`](#region). + type: string + type: object + type: array + sessionAffinity: + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + See [`session_affinity`](#session_affinity). + type: string + sessionAffinityAttributes: + additionalProperties: + type: string + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. + type: object + x-kubernetes-map-type: granular + sessionAffinityTtl: + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + See [`session_affinity_ttl`](#session_affinity_ttl). + type: number + steeringPolicy: + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + See [`steering_policy`](#steering_policy). + type: string + ttl: + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + See [`ttl`](#ttl). + type: number + type: object + type: array + priority: + description: |- + (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + type: number + terminates: + description: |- + (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. + Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. + type: boolean + type: object + type: array + sessionAffinity: + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. + type: string + sessionAffinityAttributes: + additionalProperties: + type: string + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). + type: object + x-kubernetes-map-type: granular + sessionAffinityTtl: + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. + type: number + steeringPolicy: + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. + type: string + ttl: + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. + type: number + zoneId: + description: |- + (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. + properties: + adaptiveRouting: + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. + items: + properties: + failoverAcrossPools: + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. + type: boolean + type: object + type: array + countryPools: + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. + items: + properties: + country: + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. + type: string + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given country. + items: + type: string + type: array + poolIdsRefs: + description: References to Pool to populate poolIds. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + poolIdsSelector: + description: Selector for a list of Pool to populate poolIds. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array defaultPoolIds: - description: A list of pool IDs ordered by their failover priority. - Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) - are not defined. + description: |- + (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. items: type: string type: array @@ -201,21 +1074,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which - will attempt to resolve the reference only when the - corresponding field is not present. Use 'Always' to - resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -229,8 +1102,9 @@ spec: description: Selector for a list of Pool to populate defaultPoolIds. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -243,21 +1117,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -265,15 +1139,19 @@ spec: type: object type: object description: - description: Free text description. + description: |- + (String) Free text description. + Free text description. type: string enabled: - description: Enable or disable the load balancer. Defaults to - `true`. + description: |- + (Boolean) Enable or disable the load balancer. Defaults to true. + Enable or disable the load balancer. Defaults to `true`. type: boolean fallbackPoolId: - description: The pool ID to use when all other pools are detected - as unhealthy. + description: |- + (String) The pool ID to use when all other pools are detected as unhealthy. + The pool ID to use when all other pools are detected as unhealthy. type: string fallbackPoolIdRef: description: Reference to a Pool to populate fallbackPoolId. @@ -286,21 +1164,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -313,8 +1191,9 @@ spec: description: Selector for a Pool to populate fallbackPoolId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -327,21 +1206,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -349,46 +1228,38 @@ spec: type: object type: object locationStrategy: - description: Controls location-based steering for non-proxied - requests. + description: |- + based steering for non-proxied requests. (see below for nested schema) + Controls location-based steering for non-proxied requests. items: properties: mode: - description: 'Determines the authoritative location when - ECS is not preferred, does not exist in the request, or - its GeoIP lookup is unsuccessful. Value `pop` will use - the Cloudflare PoP location. Value `resolver_ip` will - use the DNS resolver GeoIP location. If the GeoIP lookup - is unsuccessful, it will use the Cloudflare PoP location. - Available values: `pop`, `resolver_ip`. Defaults to `pop`.' + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. type: string preferEcs: - description: 'Whether the EDNS Client Subnet (ECS) GeoIP - should be preferred as the authoritative location. Value - `always` will always prefer ECS, `never` will never prefer - ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), - and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). - Available values: `always`, `never`, `proximity`, `geo`. - Defaults to `proximity`.' + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. type: string type: object type: array name: - description: The DNS hostname to associate with your load balancer. - If this hostname already exists as a DNS record in Cloudflare's - DNS, the load balancer will take precedence and the DNS record - will not be used. + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. type: string popPools: - description: A set containing mappings of Cloudflare Point-of-Presence - (PoP) identifiers to a list of pool IDs (ordered by their failover - priority) for the PoP (datacenter). This feature is only available - to enterprise customers. + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. items: properties: poolIds: - description: A list of pool IDs in failover priority to - use for traffic reaching the given PoP. + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use for traffic reaching the given PoP. items: type: string type: array @@ -405,23 +1276,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference - only when the corresponding field is not present. - Use 'Always' to resolve the reference on every - reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -435,9 +1304,9 @@ spec: description: Selector for a list of Pool to populate poolIds. properties: matchControllerRef: - description: MatchControllerRef ensures an object with - the same controller reference as the selecting object - is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -450,22 +1319,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -473,49 +1341,48 @@ spec: type: object type: object pop: - description: A 3-letter code for the Point-of-Presence. - Allowed values can be found in the list of datacenters - on the [status page](https://www.cloudflarestatus.com/). - Multiple entries should not be specified with the same - PoP. + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. type: string - required: - - pop type: object type: array proxied: - description: Whether the hostname gets Cloudflare's origin protection. - Defaults to `false`. Conflicts with `ttl`. + description: |- + (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. type: boolean randomSteering: - description: Configures pool weights for random steering. When - the [`steering_policy="random"`](#steering_policy), a random - pool is selected with probability proportional to these pool - weights. + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. items: properties: defaultWeight: - description: The default weight for pools in the load balancer - that are not specified in the [`pool_weights`](#pool_weights) - map. + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. type: number poolWeights: additionalProperties: type: number - description: A mapping of pool IDs to custom weights. The - weight is relative to other pools in the load balancer. + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. type: object + x-kubernetes-map-type: granular type: object type: array regionPools: - description: A set containing mappings of region codes to a list - of pool IDs (ordered by their failover priority) for the given - region. + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. items: properties: poolIds: - description: A list of pool IDs in failover priority to - use in the given region. + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given region. items: type: string type: array @@ -532,23 +1399,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference - only when the corresponding field is not present. - Use 'Always' to resolve the reference on every - reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -562,9 +1427,9 @@ spec: description: Selector for a list of Pool to populate poolIds. properties: matchControllerRef: - description: MatchControllerRef ensures an object with - the same controller reference as the selecting object - is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -577,22 +1442,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -600,244 +1464,265 @@ spec: type: object type: object region: - description: A region code which must be in the list defined - [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). - Multiple entries should not be specified with the same - region. + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. type: string - required: - - region type: object type: array rules: - description: A list of rules for this load balancer to execute. + description: |- + (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + A list of rules for this load balancer to execute. items: properties: condition: - description: The statement to evaluate to determine if this - rule's effects should be applied. An empty condition is - always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). + description: |- + (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). type: string disabled: - description: A disabled rule will not be executed. + description: |- + (Boolean) A disabled rule will not be executed. + A disabled rule will not be executed. type: boolean fixedResponse: - description: 'Settings for a HTTP response to return directly - to the eyeball if the condition is true. Note: [`overrides`](#overrides) - or [`fixed_response`](#fixed_response) must be set.' + description: |- + (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. items: properties: contentType: - description: The value of the HTTP context-type header - for this fixed response. + description: |- + type header for this fixed response. + The value of the HTTP context-type header for this fixed response. type: string location: - description: The value of the HTTP location header - for this fixed response. + description: |- + (String) The value of the HTTP location header for this fixed response. + The value of the HTTP location header for this fixed response. type: string messageBody: - description: The text used as the html body for this - fixed response. + description: |- + (String) The text used as the html body for this fixed response. + The text used as the html body for this fixed response. type: string statusCode: - description: The HTTP status code used for this fixed - response. + description: |- + (Number) The HTTP status code used for this fixed response. + The HTTP status code used for this fixed response. type: number type: object type: array name: - description: Human readable name for this rule. + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + Human readable name for this rule. type: string overrides: - description: 'The load balancer settings to alter if this - rule''s [`condition`](#condition) is true. Note: [`overrides`](#overrides) - or [`fixed_response`](#fixed_response) must be set.' + description: |- + (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. items: properties: adaptiveRouting: - description: See [`adaptive_routing`](#adaptive_routing). + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + See [`adaptive_routing`](#adaptive_routing). items: properties: failoverAcrossPools: - description: See [`failover_across_pools`](#failover_across_pools). + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + See [`failover_across_pools`](#failover_across_pools). type: boolean type: object type: array countryPools: - description: See [`country_pools`](#country_pools). + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + See [`country_pools`](#country_pools). items: properties: country: - description: See [`country`](#country). + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + See [`country`](#country). type: string poolIds: - description: See [`pool_ids`](#pool_ids). + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). items: type: string type: array - required: - - country - - poolIds type: object type: array defaultPools: - description: See [`default_pool_ids`](#default_pool_ids). + description: |- + (List of String) See default_pool_ids. + See [`default_pool_ids`](#default_pool_ids). items: type: string type: array fallbackPool: - description: See [`fallback_pool_id`](#fallback_pool_id). + description: |- + (String) See fallback_pool_id. + See [`fallback_pool_id`](#fallback_pool_id). type: string locationStrategy: - description: See [`location_strategy`](#location_strategy). + description: |- + based steering for non-proxied requests. (see below for nested schema) + See [`location_strategy`](#location_strategy). items: properties: mode: - description: See [`mode`](#mode). + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + See [`mode`](#mode). type: string preferEcs: - description: See [`prefer_ecs`](#prefer_ecs). + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + See [`prefer_ecs`](#prefer_ecs). type: string type: object type: array popPools: - description: See [`pop_pools`](#pop_pools). + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + See [`pop_pools`](#pop_pools). items: properties: poolIds: - description: See [`pool_ids`](#pool_ids). + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). items: type: string type: array pop: - description: See [`pop`](#pop). + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + See [`pop`](#pop). type: string - required: - - poolIds - - pop type: object type: array randomSteering: - description: See [`random_steering`](#random_steering). + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + See [`random_steering`](#random_steering). items: properties: defaultWeight: - description: See [`default_weight`](#default_weight). + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + See [`default_weight`](#default_weight). type: number poolWeights: additionalProperties: type: number - description: See [`pool_weights`](#pool_weights). + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + See [`pool_weights`](#pool_weights). type: object + x-kubernetes-map-type: granular type: object type: array regionPools: - description: See [`region_pools`](#region_pools). + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + See [`region_pools`](#region_pools). items: properties: poolIds: - description: See [`pool_ids`](#pool_ids). + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). items: type: string type: array region: - description: See [`region`](#region). + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + See [`region`](#region). type: string - required: - - poolIds - - region type: object type: array sessionAffinity: - description: See [`session_affinity`](#session_affinity). + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + See [`session_affinity`](#session_affinity). type: string sessionAffinityAttributes: additionalProperties: type: string - description: See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). - Note that the property [`drain_duration`](#drain_duration) - is not currently supported as a rule override. + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. type: object + x-kubernetes-map-type: granular sessionAffinityTtl: - description: See [`session_affinity_ttl`](#session_affinity_ttl). + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + See [`session_affinity_ttl`](#session_affinity_ttl). type: number steeringPolicy: - description: See [`steering_policy`](#steering_policy). + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + See [`steering_policy`](#steering_policy). type: string ttl: - description: See [`ttl`](#ttl). + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + See [`ttl`](#ttl). type: number type: object type: array priority: - description: Priority used when determining the order of - rule execution. Lower values are executed first. If not - provided, the list order will be used. + description: |- + (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. type: number terminates: - description: 'Terminates indicates that if this rule is - true no further rules should be executed. Note: setting - a [`fixed_response`](#fixed_response) forces this field - to `true`.' + description: |- + (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. + Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. type: boolean - required: - - name type: object type: array sessionAffinity: - description: 'Specifies the type of session affinity the load - balancer should use unless specified as `none` or `""` (default). - With value `cookie`, on the first request to a proxied load - balancer, a cookie is generated, encoding information of which - origin the request will be forwarded to. Subsequent requests, - by the same client to the same load balancer, will be sent to - the origin server the cookie encodes, for the duration of the - cookie and as long as the origin server remains healthy. If - the cookie has expired or the origin server is unhealthy then - a new origin server is calculated and used. Value `ip_cookie` - behaves the same as `cookie` except the initial origin selection - is stable and based on the client''s IP address. Available values: - `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`.' + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. type: string sessionAffinityAttributes: additionalProperties: type: string - description: See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). type: object + x-kubernetes-map-type: granular sessionAffinityTtl: - description: Time, in seconds, until this load balancer's session - affinity cookie expires after being created. This parameter - is ignored unless a supported session affinity policy is set. - The current default of `82800` (23 hours) will be used unless - [`session_affinity_ttl`](#session_affinity_ttl) is explicitly - set. Once the expiry time has been reached, subsequent requests - may get sent to a different origin server. Valid values are - between `1800` and `604800`. + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. type: number steeringPolicy: - description: 'The method the load balancer uses to determine the - route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). - Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). - For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) - is determined by [`location_strategy`](#location_strategy). - Value `random` selects a pool randomly. Value `dynamic_latency` - uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) - (requires pool health checks). Value `proximity` uses the pools'' - latitude and longitude to select the closest pool using the - Cloudflare PoP location for proxied requests or the location - determined by [`location_strategy`](#location_strategy) for - non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) - otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, - `random`, `proximity`, `""` Defaults to `""`.' + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. type: string ttl: - description: Time to live (TTL) of the DNS entry for the IP address - returned by this load balancer. This cannot be set for proxied - load balancers. Defaults to `30`. Conflicts with `proxied`. + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. type: number zoneId: - description: The zone ID to add the load balancer to. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -850,21 +1735,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -877,8 +1762,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -891,72 +1777,62 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name type: object + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -966,21 +1842,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -990,17 +1866,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -1010,21 +1888,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -1039,21 +1917,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -1064,14 +1943,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -1086,20 +1966,426 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: LoadBalancerStatus defines the observed state of LoadBalancer. properties: atProvider: properties: + adaptiveRouting: + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. + items: + properties: + failoverAcrossPools: + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + Extends zero-downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set `false`, zero-downtime failover will only occur between origins within the same pool. Defaults to `false`. + type: boolean + type: object + type: array + countryPools: + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. + items: + properties: + country: + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + A country code which can be determined with the Load Balancing Regions API described [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/). Multiple entries should not be specified with the same country. + type: string + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given country. + items: + type: string + type: array + type: object + type: array createdOn: - description: The RFC3339 timestamp of when the load balancer was - created. + description: |- + (String) The RFC3339 timestamp of when the load balancer was created. + The RFC3339 timestamp of when the load balancer was created. + type: string + defaultPoolIds: + description: |- + (List of String) A list of pool IDs ordered by their failover priority. Used whenever pop_pools/country_pools/region_pools are not defined. + A list of pool IDs ordered by their failover priority. Used whenever [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) are not defined. + items: + type: string + type: array + description: + description: |- + (String) Free text description. + Free text description. + type: string + enabled: + description: |- + (Boolean) Enable or disable the load balancer. Defaults to true. + Enable or disable the load balancer. Defaults to `true`. + type: boolean + fallbackPoolId: + description: |- + (String) The pool ID to use when all other pools are detected as unhealthy. + The pool ID to use when all other pools are detected as unhealthy. type: string id: + description: (String) The ID of this resource. type: string + locationStrategy: + description: |- + based steering for non-proxied requests. (see below for nested schema) + Controls location-based steering for non-proxied requests. + items: + properties: + mode: + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value `pop` will use the Cloudflare PoP location. Value `resolver_ip` will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: `pop`, `resolver_ip`. Defaults to `pop`. + type: string + preferEcs: + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value `always` will always prefer ECS, `never` will never prefer ECS, `proximity` will prefer ECS only when [`steering_policy="proximity"`](#steering_policy), and `geo` will prefer ECS only when [`steering_policy="geo"`](#steering_policy). Available values: `always`, `never`, `proximity`, `geo`. Defaults to `proximity`. + type: string + type: object + type: array modifiedOn: - description: The RFC3339 timestamp of when the load balancer was - last modified. + description: |- + (String) The RFC3339 timestamp of when the load balancer was last modified. + The RFC3339 timestamp of when the load balancer was last modified. + type: string + name: + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + type: string + popPools: + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use for traffic reaching the given PoP. + items: + type: string + type: array + pop: + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the [status page](https://www.cloudflarestatus.com/). Multiple entries should not be specified with the same PoP. + type: string + type: object + type: array + proxied: + description: |- + (Boolean) Whether the hostname gets Cloudflare's origin protection. Defaults to false. Conflicts with ttl. + Whether the hostname gets Cloudflare's origin protection. Defaults to `false`. Conflicts with `ttl`. + type: boolean + randomSteering: + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + Configures pool weights for random steering. When the [`steering_policy="random"`](#steering_policy), a random pool is selected with probability proportional to these pool weights. + items: + properties: + defaultWeight: + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + The default weight for pools in the load balancer that are not specified in the [`pool_weights`](#pool_weights) map. + type: number + poolWeights: + additionalProperties: + type: number + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + type: object + x-kubernetes-map-type: granular + type: object + type: array + regionPools: + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + A list of pool IDs in failover priority to use in the given region. + items: + type: string + type: array + region: + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + A region code which must be in the list defined [here](https://developers.cloudflare.com/load-balancing/reference/region-mapping-api/#list-of-load-balancer-regions). Multiple entries should not be specified with the same region. + type: string + type: object + type: array + rules: + description: |- + (Block List) A list of rules for this load balancer to execute. (see below for nested schema) + A list of rules for this load balancer to execute. + items: + properties: + condition: + description: |- + (String) The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See load balancing rules. + The statement to evaluate to determine if this rule's effects should be applied. An empty condition is always true. See [load balancing rules](https://developers.cloudflare.com/load-balancing/understand-basics/load-balancing-rules). + type: string + disabled: + description: |- + (Boolean) A disabled rule will not be executed. + A disabled rule will not be executed. + type: boolean + fixedResponse: + description: |- + (Block List, Max: 1) Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + Settings for a HTTP response to return directly to the eyeball if the condition is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + items: + properties: + contentType: + description: |- + type header for this fixed response. + The value of the HTTP context-type header for this fixed response. + type: string + location: + description: |- + (String) The value of the HTTP location header for this fixed response. + The value of the HTTP location header for this fixed response. + type: string + messageBody: + description: |- + (String) The text used as the html body for this fixed response. + The text used as the html body for this fixed response. + type: string + statusCode: + description: |- + (Number) The HTTP status code used for this fixed response. + The HTTP status code used for this fixed response. + type: number + type: object + type: array + name: + description: |- + (String) The DNS hostname to associate with your load balancer. If this hostname already exists as a DNS record in Cloudflare's DNS, the load balancer will take precedence and the DNS record will not be used. + Human readable name for this rule. + type: string + overrides: + description: |- + (Block List) The load balancer settings to alter if this rule's condition is true. Note: overrides or fixed_response must be set. (see below for nested schema) + The load balancer settings to alter if this rule's [`condition`](#condition) is true. Note: [`overrides`](#overrides) or [`fixed_response`](#fixed_response) must be set. + items: + properties: + adaptiveRouting: + description: |- + (Block Set) Controls features that modify the routing of requests to pools and origins in response to dynamic conditions, such as during the interval between active health monitoring requests. (see below for nested schema) + See [`adaptive_routing`](#adaptive_routing). + items: + properties: + failoverAcrossPools: + description: |- + downtime failover of requests to healthy origins from alternate pools, when no healthy alternate exists in the same pool, according to the failover order defined by traffic and origin steering. When set false, zero-downtime failover will only occur between origins within the same pool. Defaults to false. + See [`failover_across_pools`](#failover_across_pools). + type: boolean + type: object + type: array + countryPools: + description: |- + (Block Set) A set containing mappings of country codes to a list of pool IDs (ordered by their failover priority) for the given country. (see below for nested schema) + See [`country_pools`](#country_pools). + items: + properties: + country: + description: |- + (String) A country code which can be determined with the Load Balancing Regions API described here. Multiple entries should not be specified with the same country. + See [`country`](#country). + type: string + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + type: object + type: array + defaultPools: + description: |- + (List of String) See default_pool_ids. + See [`default_pool_ids`](#default_pool_ids). + items: + type: string + type: array + fallbackPool: + description: |- + (String) See fallback_pool_id. + See [`fallback_pool_id`](#fallback_pool_id). + type: string + locationStrategy: + description: |- + based steering for non-proxied requests. (see below for nested schema) + See [`location_strategy`](#location_strategy). + items: + properties: + mode: + description: |- + (String) Determines the authoritative location when ECS is not preferred, does not exist in the request, or its GeoIP lookup is unsuccessful. Value pop will use the Cloudflare PoP location. Value resolver_ip will use the DNS resolver GeoIP location. If the GeoIP lookup is unsuccessful, it will use the Cloudflare PoP location. Available values: pop, resolver_ip. Defaults to pop. + See [`mode`](#mode). + type: string + preferEcs: + description: |- + (String) Whether the EDNS Client Subnet (ECS) GeoIP should be preferred as the authoritative location. Value always will always prefer ECS, never will never prefer ECS, proximity will prefer ECS only when steering_policy="proximity", and geo will prefer ECS only when steering_policy="geo". Available values: always, never, proximity, geo. Defaults to proximity. + See [`prefer_ecs`](#prefer_ecs). + type: string + type: object + type: array + popPools: + description: |- + of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. (see below for nested schema) + See [`pop_pools`](#pop_pools). + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + pop: + description: |- + letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP. + See [`pop`](#pop). + type: string + type: object + type: array + randomSteering: + description: |- + (Block Set) Configures pool weights for random steering. When the steering_policy="random", a random pool is selected with probability proportional to these pool weights. (see below for nested schema) + See [`random_steering`](#random_steering). + items: + properties: + defaultWeight: + description: |- + (Number) The default weight for pools in the load balancer that are not specified in the pool_weights map. + See [`default_weight`](#default_weight). + type: number + poolWeights: + additionalProperties: + type: number + description: |- + (Map of Number) A mapping of pool IDs to custom weights. The weight is relative to other pools in the load balancer. + See [`pool_weights`](#pool_weights). + type: object + x-kubernetes-map-type: granular + type: object + type: array + regionPools: + description: |- + (Block Set) A set containing mappings of region codes to a list of pool IDs (ordered by their failover priority) for the given region. (see below for nested schema) + See [`region_pools`](#region_pools). + items: + properties: + poolIds: + description: |- + (List of String) A list of pool IDs in failover priority to use in the given country. + See [`pool_ids`](#pool_ids). + items: + type: string + type: array + region: + description: |- + (String) A region code which must be in the list defined here. Multiple entries should not be specified with the same region. + See [`region`](#region). + type: string + type: object + type: array + sessionAffinity: + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + See [`session_affinity`](#session_affinity). + type: string + sessionAffinityAttributes: + additionalProperties: + type: string + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). Note that the property [`drain_duration`](#drain_duration) is not currently supported as a rule override. + type: object + x-kubernetes-map-type: granular + sessionAffinityTtl: + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + See [`session_affinity_ttl`](#session_affinity_ttl). + type: number + steeringPolicy: + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + See [`steering_policy`](#steering_policy). + type: string + ttl: + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + See [`ttl`](#ttl). + type: number + type: object + type: array + priority: + description: |- + (Number) Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + Priority used when determining the order of rule execution. Lower values are executed first. If not provided, the list order will be used. + type: number + terminates: + description: |- + (Boolean) Terminates indicates that if this rule is true no further rules should be executed. Note: setting a fixed_response forces this field to true. + Terminates indicates that if this rule is true no further rules should be executed. Note: setting a [`fixed_response`](#fixed_response) forces this field to `true`. + type: boolean + type: object + type: array + sessionAffinity: + description: |- + (String) Specifies the type of session affinity the load balancer should use unless specified as none or "" (default). With value cookie, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value ip_cookie behaves the same as cookie except the initial origin selection is stable and based on the client's IP address. Available values: "", none, cookie, ip_cookie. Defaults to none. + Specifies the type of session affinity the load balancer should use unless specified as `none` or `""` (default). With value `cookie`, on the first request to a proxied load balancer, a cookie is generated, encoding information of which origin the request will be forwarded to. Subsequent requests, by the same client to the same load balancer, will be sent to the origin server the cookie encodes, for the duration of the cookie and as long as the origin server remains healthy. If the cookie has expired or the origin server is unhealthy then a new origin server is calculated and used. Value `ip_cookie` behaves the same as `cookie` except the initial origin selection is stable and based on the client's IP address. Available values: `""`, `none`, `cookie`, `ip_cookie`. Defaults to `none`. + type: string + sessionAffinityAttributes: + additionalProperties: + type: string + description: |- + (Map of String) See session_affinity_attributes. + See [`session_affinity_attributes`](#nested-schema-for-session_affinity_attributes). + type: object + x-kubernetes-map-type: granular + sessionAffinityTtl: + description: |- + (Number) Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of 82800 (23 hours) will be used unless session_affinity_ttl is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between 1800 and 604800. + Time, in seconds, until this load balancer's session affinity cookie expires after being created. This parameter is ignored unless a supported session affinity policy is set. The current default of `82800` (23 hours) will be used unless [`session_affinity_ttl`](#session_affinity_ttl) is explicitly set. Once the expiry time has been reached, subsequent requests may get sent to a different origin server. Valid values are between `1800` and `604800`. + type: number + steeringPolicy: + description: |- + proxied requests, the country for country_pools is determined by location_strategy. Value random selects a pool randomly. Value dynamic_latency uses round trip time to select the closest pool in default_pool_ids (requires pool health checks). Value proximity uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by location_strategy for non-proxied requests. Value "" maps to geo if you use pop_pools/country_pools/region_pools otherwise off. Available values: off, geo, dynamic_latency, random, proximity, "" Defaults to "". + The method the load balancer uses to determine the route to your origin. Value `off` uses [`default_pool_ids`](#default_pool_ids). Value `geo` uses [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools). For non-proxied requests, the [`country`](#country) for [`country_pools`](#country_pools) is determined by [`location_strategy`](#location_strategy). Value `random` selects a pool randomly. Value `dynamic_latency` uses round trip time to select the closest pool in [`default_pool_ids`](#default_pool_ids) (requires pool health checks). Value `proximity` uses the pools' latitude and longitude to select the closest pool using the Cloudflare PoP location for proxied requests or the location determined by [`location_strategy`](#location_strategy) for non-proxied requests. Value `""` maps to `geo` if you use [`pop_pools`](#pop_pools)/[`country_pools`](#country_pools)/[`region_pools`](#region_pools) otherwise `off`. Available values: `off`, `geo`, `dynamic_latency`, `random`, `proximity`, `""` Defaults to `""`. + type: string + ttl: + description: |- + (Number) Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to 30. Conflicts with proxied. + Time to live (TTL) of the DNS entry for the IP address returned by this load balancer. This cannot be set for proxied load balancers. Defaults to `30`. Conflicts with `proxied`. + type: number + zoneId: + description: |- + (String) The zone ID to add the load balancer to. Modifying this attribute will force creation of a new resource. + The zone ID to add the load balancer to. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -1108,13 +2394,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -1125,8 +2413,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -1135,6 +2424,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -1143,9 +2435,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/loadbalancer.cloudflare.upbound.io_monitors.yaml b/package/crds/loadbalancer.cloudflare.upbound.io_monitors.yaml index 415b839..7b5583f 100644 --- a/package/crds/loadbalancer.cloudflare.upbound.io_monitors.yaml +++ b/package/crds/loadbalancer.cloudflare.upbound.io_monitors.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: monitors.loadbalancer.cloudflare.upbound.io spec: group: loadbalancer.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Monitor is the Schema for the Monitors API. + description: Monitor is the Schema for the Monitors API. Provides a Cloudflare + Load Balancer Monitor resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,92 +153,295 @@ spec: type: object type: object allowInsecure: + description: Do not validate the certificate when monitor use + HTTPS. Only valid if type is "http" or "https". type: boolean description: + description: Free text description. type: string expectedBody: + description: 'A case-insensitive sub-string to look for in the + response body. If this string is not found, the origin will + be marked as unhealthy. Only valid if type is "http" or "https". + Default: "".' type: string expectedCodes: + description: The expected HTTP response code or code range of + the health check. Eg 2xx. Only valid and required if type is + "http" or "https". type: string followRedirects: + description: Follow redirects if returned by the origin. Only + valid if type is "http" or "https". type: boolean header: + description: The HTTP request headers to send in the health check. + It is recommended you set a Host header by default. The User-Agent + header cannot be overridden. Fields documented below. Only valid + if type is "http" or "https". items: properties: header: + description: The HTTP request headers to send in the health + check. It is recommended you set a Host header by default. + The User-Agent header cannot be overridden. Fields documented + below. Only valid if type is "http" or "https". type: string values: + description: A list of string values for the header. items: type: string type: array - required: - - header - - values + x-kubernetes-list-type: set type: object type: array interval: - description: Defaults to `60`. + description: |- + The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. + Defaults to `60`. type: number method: + description: 'The method to use for the health check. Valid values + are any valid HTTP verb if type is "http" or "https", or connection_established + if type is "tcp". Default: "GET" if type is "http" or "https", + "connection_established" if type is "tcp", and empty otherwise.' type: string path: + description: 'The endpoint path to health check against. Default: + "/". Only valid if type is "http" or "https".' type: string port: + description: The port number to use for the healthcheck, required + when creating a TCP monitor. Valid values are in the range 0-65535. type: number probeZone: + description: Assign this monitor to emulate the specified zone + while probing. Only valid if type is "http" or "https". type: string retries: - description: Defaults to `2`. + description: |- + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. + Defaults to `2`. type: number timeout: - description: Defaults to `5`. + description: |- + The timeout (in seconds) before marking the health check as failed. Default: 5. + Defaults to `5`. type: number type: - description: Defaults to `http`. + description: |- + The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". + Defaults to `http`. type: string type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + allowInsecure: + description: Do not validate the certificate when monitor use + HTTPS. Only valid if type is "http" or "https". + type: boolean + description: + description: Free text description. + type: string + expectedBody: + description: 'A case-insensitive sub-string to look for in the + response body. If this string is not found, the origin will + be marked as unhealthy. Only valid if type is "http" or "https". + Default: "".' + type: string + expectedCodes: + description: The expected HTTP response code or code range of + the health check. Eg 2xx. Only valid and required if type is + "http" or "https". + type: string + followRedirects: + description: Follow redirects if returned by the origin. Only + valid if type is "http" or "https". + type: boolean + header: + description: The HTTP request headers to send in the health check. + It is recommended you set a Host header by default. The User-Agent + header cannot be overridden. Fields documented below. Only valid + if type is "http" or "https". + items: + properties: + header: + description: The HTTP request headers to send in the health + check. It is recommended you set a Host header by default. + The User-Agent header cannot be overridden. Fields documented + below. Only valid if type is "http" or "https". + type: string + values: + description: A list of string values for the header. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + interval: + description: |- + The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. + Defaults to `60`. + type: number + method: + description: 'The method to use for the health check. Valid values + are any valid HTTP verb if type is "http" or "https", or connection_established + if type is "tcp". Default: "GET" if type is "http" or "https", + "connection_established" if type is "tcp", and empty otherwise.' + type: string + path: + description: 'The endpoint path to health check against. Default: + "/". Only valid if type is "http" or "https".' + type: string + port: + description: The port number to use for the healthcheck, required + when creating a TCP monitor. Valid values are in the range 0-65535. + type: number + probeZone: + description: Assign this monitor to emulate the specified zone + while probing. Only valid if type is "http" or "https". + type: string + retries: + description: |- + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. + Defaults to `2`. + type: number + timeout: + description: |- + The timeout (in seconds) before marking the health check as failed. Default: 5. + Defaults to `5`. + type: number + type: + description: |- + The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". + Defaults to `http`. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -235,21 +451,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -259,17 +475,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -279,21 +497,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -308,21 +526,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -333,14 +552,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -360,11 +580,102 @@ spec: properties: atProvider: properties: + accountId: + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + allowInsecure: + description: Do not validate the certificate when monitor use + HTTPS. Only valid if type is "http" or "https". + type: boolean createdOn: + description: The RFC3339 timestamp of when the load balancer monitor + was created. + type: string + description: + description: Free text description. + type: string + expectedBody: + description: 'A case-insensitive sub-string to look for in the + response body. If this string is not found, the origin will + be marked as unhealthy. Only valid if type is "http" or "https". + Default: "".' + type: string + expectedCodes: + description: The expected HTTP response code or code range of + the health check. Eg 2xx. Only valid and required if type is + "http" or "https". type: string + followRedirects: + description: Follow redirects if returned by the origin. Only + valid if type is "http" or "https". + type: boolean + header: + description: The HTTP request headers to send in the health check. + It is recommended you set a Host header by default. The User-Agent + header cannot be overridden. Fields documented below. Only valid + if type is "http" or "https". + items: + properties: + header: + description: The HTTP request headers to send in the health + check. It is recommended you set a Host header by default. + The User-Agent header cannot be overridden. Fields documented + below. Only valid if type is "http" or "https". + type: string + values: + description: A list of string values for the header. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array id: + description: Load balancer monitor ID. + type: string + interval: + description: |- + The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60. + Defaults to `60`. + type: number + method: + description: 'The method to use for the health check. Valid values + are any valid HTTP verb if type is "http" or "https", or connection_established + if type is "tcp". Default: "GET" if type is "http" or "https", + "connection_established" if type is "tcp", and empty otherwise.' type: string modifiedOn: + description: The RFC3339 timestamp of when the load balancer monitor + was last modified. + type: string + path: + description: 'The endpoint path to health check against. Default: + "/". Only valid if type is "http" or "https".' + type: string + port: + description: The port number to use for the healthcheck, required + when creating a TCP monitor. Valid values are in the range 0-65535. + type: number + probeZone: + description: Assign this monitor to emulate the specified zone + while probing. Only valid if type is "http" or "https". + type: string + retries: + description: |- + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2. + Defaults to `2`. + type: number + timeout: + description: |- + The timeout (in seconds) before marking the health check as failed. Default: 5. + Defaults to `5`. + type: number + type: + description: |- + The protocol to use for the healthcheck. Currently supported protocols are 'HTTP', 'HTTPS', 'TCP', 'UDP-ICMP', 'ICMP-PING', and 'SMTP'. Default: "http". + Defaults to `http`. type: string type: object conditions: @@ -373,13 +684,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -390,8 +703,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -400,6 +714,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -408,9 +725,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/loadbalancer.cloudflare.upbound.io_pools.yaml b/package/crds/loadbalancer.cloudflare.upbound.io_pools.yaml index 5dd2dac..dccc783 100644 --- a/package/crds/loadbalancer.cloudflare.upbound.io_pools.yaml +++ b/package/crds/loadbalancer.cloudflare.upbound.io_pools.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: pools.loadbalancer.cloudflare.upbound.io spec: group: loadbalancer.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Pool is the Schema for the Pools API. + description: Pool is the Schema for the Pools API. Provides a Cloudflare Load + Balancer Pool resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,43 +153,66 @@ spec: type: object type: object checkRegions: + description: A list of regions (specified by region code) from + which to run health checks. Empty means every Cloudflare data + center (the default), but requires an Enterprise plan. Region + codes can be found here. items: type: string type: array + x-kubernetes-list-type: set description: + description: Free text description. type: string enabled: - description: Defaults to `true`. + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Defaults to `true`. type: boolean latitude: + description: The latitude this pool is physically located at; + used for proximity steering. Values should be between -90 and + 90. type: number loadShedding: + description: Setting for controlling load shedding for this pool. items: properties: defaultPercent: - description: Percent of traffic to shed 0 - 100. Defaults - to `0`. + description: |- + Percent of traffic to shed 0 - 100. + Percent of traffic to shed 0 - 100. Defaults to `0`. type: number defaultPolicy: - description: 'Method of shedding traffic. Available values: - “, `hash`, `random`. Defaults to `""`.' + description: |- + Method of shedding traffic "", "hash" or "random". + Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. type: string sessionPercent: - description: Percent of session traffic to shed 0 - 100. - Defaults to `0`. + description: |- + Percent of session traffic to shed 0 - 100. + Percent of session traffic to shed 0 - 100. Defaults to `0`. type: number sessionPolicy: - description: 'Method of shedding traffic. Available values: - “, `hash`. Defaults to `""`.' + description: |- + Method of shedding session traffic "" or "hash". + Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. type: string type: object type: array longitude: + description: The longitude this pool is physically located at; + used for proximity steering. Values should be between -180 and + 180. type: number minimumOrigins: - description: Defaults to `1`. + description: |- + The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. + Defaults to `1`. type: number monitor: + description: The ID of the Monitor to use for health checking + origins within this pool. type: string monitorRef: description: Reference to a Monitor to populate monitor. @@ -189,21 +225,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -216,8 +252,9 @@ spec: description: Selector for a Monitor to populate monitor. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -230,21 +267,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -252,108 +289,411 @@ spec: type: object type: object name: + description: A short name (tag) for the pool. Only alphanumeric + characters, hyphens, and underscores are allowed. type: string notificationEmail: + description: The email address to send health status notifications + to. This can be an individual mailbox or a mailing list. Multiple + emails can be supplied as a comma delimited list. type: string originSteering: + description: Set an origin steering policy to control origin selection + within a pool. items: properties: policy: - description: 'Origin steering policy to be used. Available - values: “, `hash`, `random`. Defaults to `random`.' + description: |- + Either "random" (default) or "hash". + Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. type: string type: object type: array origins: + description: The list of origins within this pool. Traffic directed + at this pool is balanced across all currently healthy origins, + provided the pool itself is healthy. It's a complex value. See + description below. items: properties: address: - description: The IP address (IPv4 or IPv6) of the origin, - or the publicly addressable hostname. + description: |- + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. type: string enabled: - description: Whether this origin is enabled. Disabled origins - will not receive traffic and are excluded from health - checks. Defaults to `true`. + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. type: boolean header: - description: HTTP request headers. + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP request headers. items: properties: header: - description: HTTP Header name. + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP Header name. type: string values: - description: Values for the HTTP headers. + description: |- + A list of string values for the header. + Values for the HTTP headers. items: type: string type: array - required: - - header - - values + x-kubernetes-list-type: set type: object type: array name: - description: A human-identifiable name for the origin. + description: |- + A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + A human-identifiable name for the origin. type: string weight: - description: The weight (0.01 - 1.00) of this origin, relative - to other origins in the pool. Equal values mean equal - weighting. A weight of 0 means traffic will not be sent - to this origin, but health is still checked. Defaults - to `1`. + description: |- + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. type: number - required: - - address - - name type: object type: array - required: - - name - - origins type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + checkRegions: + description: A list of regions (specified by region code) from + which to run health checks. Empty means every Cloudflare data + center (the default), but requires an Enterprise plan. Region + codes can be found here. + items: + type: string + type: array + x-kubernetes-list-type: set + description: + description: Free text description. + type: string + enabled: + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Defaults to `true`. + type: boolean + latitude: + description: The latitude this pool is physically located at; + used for proximity steering. Values should be between -90 and + 90. + type: number + loadShedding: + description: Setting for controlling load shedding for this pool. + items: + properties: + defaultPercent: + description: |- + Percent of traffic to shed 0 - 100. + Percent of traffic to shed 0 - 100. Defaults to `0`. + type: number + defaultPolicy: + description: |- + Method of shedding traffic "", "hash" or "random". + Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. + type: string + sessionPercent: + description: |- + Percent of session traffic to shed 0 - 100. + Percent of session traffic to shed 0 - 100. Defaults to `0`. + type: number + sessionPolicy: + description: |- + Method of shedding session traffic "" or "hash". + Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. + type: string + type: object + type: array + longitude: + description: The longitude this pool is physically located at; + used for proximity steering. Values should be between -180 and + 180. + type: number + minimumOrigins: + description: |- + The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. + Defaults to `1`. + type: number + monitor: + description: The ID of the Monitor to use for health checking + origins within this pool. + type: string + monitorRef: + description: Reference to a Monitor to populate monitor. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + monitorSelector: + description: Selector for a Monitor to populate monitor. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + name: + description: A short name (tag) for the pool. Only alphanumeric + characters, hyphens, and underscores are allowed. + type: string + notificationEmail: + description: The email address to send health status notifications + to. This can be an individual mailbox or a mailing list. Multiple + emails can be supplied as a comma delimited list. + type: string + originSteering: + description: Set an origin steering policy to control origin selection + within a pool. + items: + properties: + policy: + description: |- + Either "random" (default) or "hash". + Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. + type: string + type: object + type: array + origins: + description: The list of origins within this pool. Traffic directed + at this pool is balanced across all currently healthy origins, + provided the pool itself is healthy. It's a complex value. See + description below. + items: + properties: + address: + description: |- + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. + type: string + enabled: + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. + type: boolean + header: + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP request headers. + items: + properties: + header: + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP Header name. + type: string + values: + description: |- + A list of string values for the header. + Values for the HTTP headers. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + name: + description: |- + A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + A human-identifiable name for the origin. + type: string + weight: + description: |- + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. + type: number + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -363,21 +703,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -387,17 +727,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -407,21 +749,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -436,21 +778,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -461,14 +804,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -483,17 +827,169 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.origins is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.origins) + || (has(self.initProvider) && has(self.initProvider.origins))' status: description: PoolStatus defines the observed state of Pool. properties: atProvider: properties: + accountId: + description: |- + The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + checkRegions: + description: A list of regions (specified by region code) from + which to run health checks. Empty means every Cloudflare data + center (the default), but requires an Enterprise plan. Region + codes can be found here. + items: + type: string + type: array + x-kubernetes-list-type: set createdOn: + description: The RFC3339 timestamp of when the load balancer was + created. + type: string + description: + description: Free text description. type: string + enabled: + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Defaults to `true`. + type: boolean id: + description: ID for this load balancer pool. type: string + latitude: + description: The latitude this pool is physically located at; + used for proximity steering. Values should be between -90 and + 90. + type: number + loadShedding: + description: Setting for controlling load shedding for this pool. + items: + properties: + defaultPercent: + description: |- + Percent of traffic to shed 0 - 100. + Percent of traffic to shed 0 - 100. Defaults to `0`. + type: number + defaultPolicy: + description: |- + Method of shedding traffic "", "hash" or "random". + Method of shedding traffic. Available values: “, `hash`, `random`. Defaults to `""`. + type: string + sessionPercent: + description: |- + Percent of session traffic to shed 0 - 100. + Percent of session traffic to shed 0 - 100. Defaults to `0`. + type: number + sessionPolicy: + description: |- + Method of shedding session traffic "" or "hash". + Method of shedding traffic. Available values: “, `hash`. Defaults to `""`. + type: string + type: object + type: array + longitude: + description: The longitude this pool is physically located at; + used for proximity steering. Values should be between -180 and + 180. + type: number + minimumOrigins: + description: |- + The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1. + Defaults to `1`. + type: number modifiedOn: + description: The RFC3339 timestamp of when the load balancer was + last modified. + type: string + monitor: + description: The ID of the Monitor to use for health checking + origins within this pool. + type: string + name: + description: A short name (tag) for the pool. Only alphanumeric + characters, hyphens, and underscores are allowed. + type: string + notificationEmail: + description: The email address to send health status notifications + to. This can be an individual mailbox or a mailing list. Multiple + emails can be supplied as a comma delimited list. type: string + originSteering: + description: Set an origin steering policy to control origin selection + within a pool. + items: + properties: + policy: + description: |- + Either "random" (default) or "hash". + Origin steering policy to be used. Available values: “, `hash`, `random`. Defaults to `random`. + type: string + type: object + type: array + origins: + description: The list of origins within this pool. Traffic directed + at this pool is balanced across all currently healthy origins, + provided the pool itself is healthy. It's a complex value. See + description below. + items: + properties: + address: + description: |- + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare. + The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. + type: string + enabled: + description: |- + Whether to enable (the default) this pool. Disabled pools will not receive traffic and are excluded from health checks. Disabling a pool will cause any load balancers using it to failover to the next pool (if any). + Whether this origin is enabled. Disabled origins will not receive traffic and are excluded from health checks. Defaults to `true`. + type: boolean + header: + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP request headers. + items: + properties: + header: + description: |- + The HTTP request headers. For security reasons, this header also needs to be a subdomain of the overall zone. Fields documented below. + HTTP Header name. + type: string + values: + description: |- + A list of string values for the header. + Values for the HTTP headers. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + name: + description: |- + A short name (tag) for the pool. Only alphanumeric characters, hyphens, and underscores are allowed. + A human-identifiable name for the origin. + type: string + weight: + description: |- + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1. + The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Defaults to `1`. + type: number + type: object + type: array type: object conditions: description: Conditions of the resource. @@ -501,13 +997,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -518,8 +1016,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -528,6 +1027,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -536,9 +1038,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/logpush.cloudflare.upbound.io_jobs.yaml b/package/crds/logpush.cloudflare.upbound.io_jobs.yaml index 48cc222..0a672cd 100644 --- a/package/crds/logpush.cloudflare.upbound.io_jobs.yaml +++ b/package/crds/logpush.cloudflare.upbound.io_jobs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: jobs.logpush.cloudflare.upbound.io spec: group: logpush.cloudflare.upbound.io @@ -35,17 +34,28 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Job is the Schema for the Jobs API. + description: 'Job is the Schema for the Jobs API. Provides a resource which + manages Cloudflare Logpush jobs. For Logpush jobs pushing to Amazon S3, + Google Cloud Storage, Microsoft Azure or Sumo Logic, this resource cannot + be automatically created. In order to have this automated, you must have: + cloudflare_logpush_ownership_challenge: Configured to generate the challenge + to confirm ownership of the destination.cloudflare_logpush_job: Create and + manage the Logpush Job itself.' properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +64,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +79,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Must provide only one of `account_id`, `zone_id`. + description: |- + (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +94,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +121,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +136,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,54 +158,54 @@ spec: type: object type: object dataset: - description: 'Uniquely identifies a resource (such as an s3 bucket) - where data will be pushed. Additional configuration parameters - supported by the destination may be included. See [Logpush destination - documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). - Available values: `access_requests`, `firewall_events`, `http_requests`, - `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, - `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, - `workers_trace_events`.' + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. type: string destinationConf: - description: Uniquely identifies a resource (such as an s3 bucket) - where data will be pushed. Additional configuration parameters - supported by the destination may be included. See [Logpush destination - documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). type: string enabled: - description: Whether to enable the job. + description: |- + (Boolean) Whether to enable the job. + Whether to enable the job. type: boolean filter: - description: Use filters to select the events to include and/or - remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). + description: |- + (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). type: string frequency: - description: 'A higher frequency will result in logs being pushed - on faster with smaller files. `low` frequency will push logs - less often with larger files. Available values: `high`, `low`. - Defaults to `high`.' + description: |- + (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. + A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. type: string kind: - description: 'The kind of logpush job to create. Available values: - `edge`, `instant-logs`, `""`.' + description: |- + logs, "". + The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. type: string logpullOptions: - description: Configuration string for the Logshare API. It specifies - things like requested fields and timestamp formats. See [Logpull - options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). + description: |- + (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). type: string name: - description: The name of the logpush job to create. + description: |- + (String) The name of the logpush job to create. + The name of the logpush job to create. type: string ownershipChallenge: - description: Ownership challenge token to prove destination ownership, - required when destination is Amazon S3, Google Cloud Storage, - Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). + description: |- + (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). type: string zoneId: - description: The zone identifier to target for the resource. Must - provide only one of `account_id`, `zone_id`. + description: |- + (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -201,21 +218,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -228,8 +245,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -242,73 +260,279 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - dataset - - destinationConf type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + dataset: + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. + type: string + destinationConf: + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). + type: string + enabled: + description: |- + (Boolean) Whether to enable the job. + Whether to enable the job. + type: boolean + filter: + description: |- + (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). + type: string + frequency: + description: |- + (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. + A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. + type: string + kind: + description: |- + logs, "". + The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. + type: string + logpullOptions: + description: |- + (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). + type: string + name: + description: |- + (String) The name of the logpush job to create. + The name of the logpush job to create. + type: string + ownershipChallenge: + description: |- + (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -318,21 +542,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -342,17 +566,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -362,21 +588,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -391,21 +617,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -416,14 +643,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -438,12 +666,77 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.dataset is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.dataset) + || (has(self.initProvider) && has(self.initProvider.dataset))' + - message: spec.forProvider.destinationConf is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.destinationConf) + || (has(self.initProvider) && has(self.initProvider.destinationConf))' status: description: JobStatus defines the observed state of Job. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Must provide only one of account_id, zone_id. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + type: string + dataset: + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. Available values: access_requests, firewall_events, http_requests, spectrum_events, nel_reports, audit_logs, gateway_dns, gateway_http, gateway_network, dns_logs, network_analytics_logs, workers_trace_events. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). Available values: `access_requests`, `firewall_events`, `http_requests`, `spectrum_events`, `nel_reports`, `audit_logs`, `gateway_dns`, `gateway_http`, `gateway_network`, `dns_logs`, `network_analytics_logs`, `workers_trace_events`. + type: string + destinationConf: + description: |- + (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See [Logpush destination documentation](https://developers.cloudflare.com/logs/reference/logpush-api-configuration#destination). + type: string + enabled: + description: |- + (Boolean) Whether to enable the job. + Whether to enable the job. + type: boolean + filter: + description: |- + (String) Use filters to select the events to include and/or remove from your logs. For more information, refer to Filters. + Use filters to select the events to include and/or remove from your logs. For more information, refer to [Filters](https://developers.cloudflare.com/logs/reference/logpush-api-configuration/filters/). + type: string + frequency: + description: |- + (String) A higher frequency will result in logs being pushed on faster with smaller files. low frequency will push logs less often with larger files. Available values: high, low. Defaults to high. + A higher frequency will result in logs being pushed on faster with smaller files. `low` frequency will push logs less often with larger files. Available values: `high`, `low`. Defaults to `high`. + type: string id: + description: (String) The ID of this resource. + type: string + kind: + description: |- + logs, "". + The kind of logpush job to create. Available values: `edge`, `instant-logs`, `""`. + type: string + logpullOptions: + description: |- + (String) Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. + Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See [Logpull options documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#options). + type: string + name: + description: |- + (String) The name of the logpush job to create. + The name of the logpush job to create. + type: string + ownershipChallenge: + description: |- + (String) Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See Developer documentation. + Ownership challenge token to prove destination ownership, required when destination is Amazon S3, Google Cloud Storage, Microsoft Azure or Sumo Logic. See [Developer documentation](https://developers.cloudflare.com/logs/logpush/logpush-configuration-api/understanding-logpush-api/#usage). + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Must provide only one of account_id, zone_id. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string type: object conditions: @@ -452,13 +745,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -469,8 +764,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -479,6 +775,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -487,9 +786,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/logpush.cloudflare.upbound.io_ownershipchallenges.yaml b/package/crds/logpush.cloudflare.upbound.io_ownershipchallenges.yaml index 3d81d1a..02bd610 100644 --- a/package/crds/logpush.cloudflare.upbound.io_ownershipchallenges.yaml +++ b/package/crds/logpush.cloudflare.upbound.io_ownershipchallenges.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ownershipchallenges.logpush.cloudflare.upbound.io spec: group: logpush.cloudflare.upbound.io @@ -36,17 +35,23 @@ spec: schema: openAPIV3Schema: description: OwnershipChallenge is the Schema for the OwnershipChallenges - API. + API. Provides a resource which manages Cloudflare Logpush ownership challenges + to use in a Logpush Job. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Must provide only one of `account_id`, `zone_id`. + description: |- + The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -79,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -106,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -120,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -142,12 +154,14 @@ spec: type: object type: object destinationConf: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + **Modifying this attribute will force creation of a new resource.** type: string zoneId: - description: The zone identifier to target for the resource. Must - provide only one of `account_id`, `zone_id`. + description: |- + The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -160,21 +174,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -187,8 +201,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -201,72 +216,239 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - destinationConf type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + destinationConf: + description: |- + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + **Modifying this attribute will force creation of a new resource.** + type: string + zoneId: + description: |- + The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -276,21 +458,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -300,17 +482,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -320,21 +504,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -349,21 +533,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -374,14 +559,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -396,14 +582,37 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.destinationConf is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.destinationConf) + || (has(self.initProvider) && has(self.initProvider.destinationConf))' status: description: OwnershipChallengeStatus defines the observed state of OwnershipChallenge. properties: atProvider: properties: + accountId: + description: |- + The account ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The account identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. + type: string + destinationConf: + description: |- + Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. + **Modifying this attribute will force creation of a new resource.** + type: string id: type: string ownershipChallengeFilename: + description: |- + The filename of the ownership challenge which + contains the contents required for Logpush Job creation. + type: string + zoneId: + description: |- + The zone ID where the logpush ownership challenge should be created. Either account_id or zone_id are required. + The zone identifier to target for the resource. Must provide only one of `account_id`, `zone_id`. type: string type: object conditions: @@ -412,13 +621,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -429,8 +640,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -439,6 +651,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -447,9 +662,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/magic.cloudflare.upbound.io_firewallrulesets.yaml b/package/crds/magic.cloudflare.upbound.io_firewallrulesets.yaml index 5d4c05c..3b88950 100644 --- a/package/crds/magic.cloudflare.upbound.io_firewallrulesets.yaml +++ b/package/crds/magic.cloudflare.upbound.io_firewallrulesets.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: firewallrulesets.magic.cloudflare.upbound.io spec: group: magic.cloudflare.upbound.io @@ -35,18 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: FirewallRuleset is the Schema for the FirewallRulesets API. + description: FirewallRuleset is the Schema for the FirewallRulesets API. Provides + the ability to manage a Magic Firewall Ruleset and it's firewall rules which + are used with Magic Transit. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The ID of the account where the ruleset is being created. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,10 +154,12 @@ spec: type: object type: object description: + description: A note that can be used to annotate the ruleset. type: string name: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The name of the ruleset. + **Modifying this attribute will force creation of a new resource.** type: string rules: items: @@ -152,51 +167,148 @@ spec: type: string type: object type: array - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The ID of the account where the ruleset is being created. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: A note that can be used to annotate the ruleset. + type: string + name: + description: |- + The name of the ruleset. + **Modifying this attribute will force creation of a new resource.** + type: string + rules: + items: + additionalProperties: + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -206,21 +318,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -230,17 +342,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -250,21 +364,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -279,21 +393,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -304,14 +419,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -326,13 +442,37 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: FirewallRulesetStatus defines the observed state of FirewallRuleset. properties: atProvider: properties: + accountId: + description: |- + The ID of the account where the ruleset is being created. + The account identifier to target for the resource. + type: string + description: + description: A note that can be used to annotate the ruleset. + type: string id: type: string + name: + description: |- + The name of the ruleset. + **Modifying this attribute will force creation of a new resource.** + type: string + rules: + items: + additionalProperties: + type: string + type: object + type: array type: object conditions: description: Conditions of the resource. @@ -340,13 +480,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -357,8 +499,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -367,6 +510,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -375,9 +521,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/magic.cloudflare.upbound.io_gretunnels.yaml b/package/crds/magic.cloudflare.upbound.io_gretunnels.yaml index 9fc24bb..1907a94 100644 --- a/package/crds/magic.cloudflare.upbound.io_gretunnels.yaml +++ b/package/crds/magic.cloudflare.upbound.io_gretunnels.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: gretunnels.magic.cloudflare.upbound.io spec: group: magic.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: GRETunnel is the Schema for the GRETunnels API. + description: GRETunnel is the Schema for the GRETunnels API. Provides a resource + which manages GRE tunnels for Magic Transit. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + The ID of the account where the tunnel is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,73 +153,211 @@ spec: type: object type: object cloudflareGreEndpoint: + description: The IP address assigned to the Cloudflare side of + the GRE tunnel. type: string customerGreEndpoint: + description: The IP address assigned to the customer side of the + GRE tunnel. type: string description: + description: An optional description of the GRE tunnel. type: string healthCheckEnabled: + description: 'Specifies if ICMP tunnel health checks are enabled + Default: true.' type: boolean healthCheckTarget: + description: 'The IP address of the customer endpoint that will + receive tunnel health checks. Default: .' type: string healthCheckType: + description: 'Specifies the ICMP echo type for the health check + (request or reply) Default: reply.' type: string interfaceAddress: + description: 31-bit prefix (/31 in CIDR notation) supporting 2 + hosts, one for each side of the tunnel. type: string mtu: + description: 'Maximum Transmission Unit (MTU) in bytes for the + GRE tunnel. Maximum value 1476 and minimum value 576. Default: + 1476.' type: number name: + description: Name of the GRE tunnel. type: string ttl: + description: 'Time To Live (TTL) in number of hops of the GRE + tunnel. Minimum value 64. Default: 64.' type: number - required: - - cloudflareGreEndpoint - - customerGreEndpoint - - interfaceAddress - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The ID of the account where the tunnel is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + cloudflareGreEndpoint: + description: The IP address assigned to the Cloudflare side of + the GRE tunnel. + type: string + customerGreEndpoint: + description: The IP address assigned to the customer side of the + GRE tunnel. + type: string + description: + description: An optional description of the GRE tunnel. + type: string + healthCheckEnabled: + description: 'Specifies if ICMP tunnel health checks are enabled + Default: true.' + type: boolean + healthCheckTarget: + description: 'The IP address of the customer endpoint that will + receive tunnel health checks. Default: .' + type: string + healthCheckType: + description: 'Specifies the ICMP echo type for the health check + (request or reply) Default: reply.' + type: string + interfaceAddress: + description: 31-bit prefix (/31 in CIDR notation) supporting 2 + hosts, one for each side of the tunnel. + type: string + mtu: + description: 'Maximum Transmission Unit (MTU) in bytes for the + GRE tunnel. Maximum value 1476 and minimum value 576. Default: + 1476.' + type: number + name: + description: Name of the GRE tunnel. + type: string + ttl: + description: 'Time To Live (TTL) in number of hops of the GRE + tunnel. Minimum value 64. Default: 64.' + type: number type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -217,21 +367,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -241,17 +391,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -261,21 +413,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -290,21 +442,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -315,14 +468,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -337,13 +491,74 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.cloudflareGreEndpoint is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.cloudflareGreEndpoint) + || (has(self.initProvider) && has(self.initProvider.cloudflareGreEndpoint))' + - message: spec.forProvider.customerGreEndpoint is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.customerGreEndpoint) + || (has(self.initProvider) && has(self.initProvider.customerGreEndpoint))' + - message: spec.forProvider.interfaceAddress is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.interfaceAddress) + || (has(self.initProvider) && has(self.initProvider.interfaceAddress))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: GRETunnelStatus defines the observed state of GRETunnel. properties: atProvider: properties: + accountId: + description: |- + The ID of the account where the tunnel is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + cloudflareGreEndpoint: + description: The IP address assigned to the Cloudflare side of + the GRE tunnel. + type: string + customerGreEndpoint: + description: The IP address assigned to the customer side of the + GRE tunnel. + type: string + description: + description: An optional description of the GRE tunnel. + type: string + healthCheckEnabled: + description: 'Specifies if ICMP tunnel health checks are enabled + Default: true.' + type: boolean + healthCheckTarget: + description: 'The IP address of the customer endpoint that will + receive tunnel health checks. Default: .' + type: string + healthCheckType: + description: 'Specifies the ICMP echo type for the health check + (request or reply) Default: reply.' + type: string id: type: string + interfaceAddress: + description: 31-bit prefix (/31 in CIDR notation) supporting 2 + hosts, one for each side of the tunnel. + type: string + mtu: + description: 'Maximum Transmission Unit (MTU) in bytes for the + GRE tunnel. Maximum value 1476 and minimum value 576. Default: + 1476.' + type: number + name: + description: Name of the GRE tunnel. + type: string + ttl: + description: 'Time To Live (TTL) in number of hops of the GRE + tunnel. Minimum value 64. Default: 64.' + type: number type: object conditions: description: Conditions of the resource. @@ -351,13 +566,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -368,8 +585,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -378,6 +596,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -386,9 +607,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/magic.cloudflare.upbound.io_ipsectunnels.yaml b/package/crds/magic.cloudflare.upbound.io_ipsectunnels.yaml index 004147e..ef2d34a 100644 --- a/package/crds/magic.cloudflare.upbound.io_ipsectunnels.yaml +++ b/package/crds/magic.cloudflare.upbound.io_ipsectunnels.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ipsectunnels.magic.cloudflare.upbound.io spec: group: magic.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: IPsecTunnel is the Schema for the IPsecTunnels API. + description: IPsecTunnel is the Schema for the IPsecTunnels API. Provides + a resource, that manages IPsec tunnels for Magic Transit. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,51 +153,64 @@ spec: type: object type: object allowNullCipher: - description: Specifies if this tunnel may use a null cipher (ENCR_NULL) - in Phase 2. Defaults to `false`. + description: |- + (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. type: boolean cloudflareEndpoint: - description: IP address assigned to the Cloudflare side of the - IPsec tunnel. + description: |- + (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + IP address assigned to the Cloudflare side of the IPsec tunnel. type: string customerEndpoint: - description: IP address assigned to the customer side of the IPsec - tunnel. + description: |- + (String) IP address assigned to the customer side of the IPsec tunnel. + IP address assigned to the customer side of the IPsec tunnel. type: string description: - description: An optional description of the IPsec tunnel. + description: |- + (String) An optional description of the IPsec tunnel. + An optional description of the IPsec tunnel. type: string fqdnId: - description: '`remote_id` in the form of a fqdn. This value is - generated by cloudflare.' + description: |- + (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + `remote_id` in the form of a fqdn. This value is generated by cloudflare. type: string healthCheckEnabled: - description: 'Specifies if ICMP tunnel health checks are enabled. - Default: `true`.' + description: |- + (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. + Specifies if ICMP tunnel health checks are enabled. Default: `true`. type: boolean healthCheckTarget: - description: 'The IP address of the customer endpoint that will - receive tunnel health checks. Default: ``.' + description: |- + (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . + The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. type: string healthCheckType: - description: 'Specifies the ICMP echo type for the health check - (`request` or `reply`). Available values: `request`, `reply` - Default: `reply`.' + description: |- + (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. + Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. type: string hexId: - description: '`remote_id` as a hex string. This value is generated - by cloudflare.' + description: |- + (String) remote_id as a hex string. This value is generated by cloudflare. + `remote_id` as a hex string. This value is generated by cloudflare. type: string interfaceAddress: - description: 31-bit prefix (/31 in CIDR notation) supporting 2 - hosts, one for each side of the tunnel. + description: |- + bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. type: string name: - description: Name of the IPsec tunnel. + description: |- + (String) Name of the IPsec tunnel. + Name of the IPsec tunnel. type: string pskSecretRef: - description: Pre shared key to be used with the IPsec tunnel. - If left unset, it will be autogenerated. + description: |- + (String, Sensitive) Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated. + Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated. properties: key: description: The key to select. @@ -202,61 +227,208 @@ spec: - namespace type: object remoteId: - description: ID to be used while setting up the IPsec tunnel. - This value is generated by cloudflare. + description: |- + (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. type: string userId: - description: '`remote_id` in the form of an email address. This - value is generated by cloudflare.' + description: |- + (String) remote_id in the form of an email address. This value is generated by cloudflare. + `remote_id` in the form of an email address. This value is generated by cloudflare. type: string - required: - - cloudflareEndpoint - - customerEndpoint - - interfaceAddress - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + allowNullCipher: + description: |- + (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. + type: boolean + cloudflareEndpoint: + description: |- + (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + IP address assigned to the Cloudflare side of the IPsec tunnel. + type: string + customerEndpoint: + description: |- + (String) IP address assigned to the customer side of the IPsec tunnel. + IP address assigned to the customer side of the IPsec tunnel. + type: string + description: + description: |- + (String) An optional description of the IPsec tunnel. + An optional description of the IPsec tunnel. + type: string + fqdnId: + description: |- + (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + `remote_id` in the form of a fqdn. This value is generated by cloudflare. + type: string + healthCheckEnabled: + description: |- + (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. + Specifies if ICMP tunnel health checks are enabled. Default: `true`. + type: boolean + healthCheckTarget: + description: |- + (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . + The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. + type: string + healthCheckType: + description: |- + (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. + Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. + type: string + hexId: + description: |- + (String) remote_id as a hex string. This value is generated by cloudflare. + `remote_id` as a hex string. This value is generated by cloudflare. + type: string + interfaceAddress: + description: |- + bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + type: string + name: + description: |- + (String) Name of the IPsec tunnel. + Name of the IPsec tunnel. + type: string + remoteId: + description: |- + (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + type: string + userId: + description: |- + (String) remote_id in the form of an email address. This value is generated by cloudflare. + `remote_id` in the form of an email address. This value is generated by cloudflare. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -266,21 +438,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -290,17 +462,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -310,21 +484,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -339,21 +513,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -364,14 +539,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -386,12 +562,100 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.cloudflareEndpoint is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.cloudflareEndpoint) + || (has(self.initProvider) && has(self.initProvider.cloudflareEndpoint))' + - message: spec.forProvider.customerEndpoint is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.customerEndpoint) + || (has(self.initProvider) && has(self.initProvider.customerEndpoint))' + - message: spec.forProvider.interfaceAddress is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.interfaceAddress) + || (has(self.initProvider) && has(self.initProvider.interfaceAddress))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: IPsecTunnelStatus defines the observed state of IPsecTunnel. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + allowNullCipher: + description: |- + (Boolean) Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to false. + Specifies if this tunnel may use a null cipher (ENCR_NULL) in Phase 2. Defaults to `false`. + type: boolean + cloudflareEndpoint: + description: |- + (String) IP address assigned to the Cloudflare side of the IPsec tunnel. + IP address assigned to the Cloudflare side of the IPsec tunnel. + type: string + customerEndpoint: + description: |- + (String) IP address assigned to the customer side of the IPsec tunnel. + IP address assigned to the customer side of the IPsec tunnel. + type: string + description: + description: |- + (String) An optional description of the IPsec tunnel. + An optional description of the IPsec tunnel. + type: string + fqdnId: + description: |- + (String) remote_id in the form of a fqdn. This value is generated by cloudflare. + `remote_id` in the form of a fqdn. This value is generated by cloudflare. + type: string + healthCheckEnabled: + description: |- + (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: true. + Specifies if ICMP tunnel health checks are enabled. Default: `true`. + type: boolean + healthCheckTarget: + description: |- + (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: . + The IP address of the customer endpoint that will receive tunnel health checks. Default: ``. + type: string + healthCheckType: + description: |- + (String) Specifies the ICMP echo type for the health check (request or reply). Available values: request, reply Default: reply. + Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`. + type: string + hexId: + description: |- + (String) remote_id as a hex string. This value is generated by cloudflare. + `remote_id` as a hex string. This value is generated by cloudflare. + type: string id: + description: (String) The ID of this resource. + type: string + interfaceAddress: + description: |- + bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + 31-bit prefix (/31 in CIDR notation) supporting 2 hosts, one for each side of the tunnel. + type: string + name: + description: |- + (String) Name of the IPsec tunnel. + Name of the IPsec tunnel. + type: string + remoteId: + description: |- + (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare. + type: string + userId: + description: |- + (String) remote_id in the form of an email address. This value is generated by cloudflare. + `remote_id` in the form of an email address. This value is generated by cloudflare. type: string type: object conditions: @@ -400,13 +664,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -417,8 +683,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -427,6 +694,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -435,9 +705,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/magic.cloudflare.upbound.io_staticroutes.yaml b/package/crds/magic.cloudflare.upbound.io_staticroutes.yaml index 4543e99..d837bec 100644 --- a/package/crds/magic.cloudflare.upbound.io_staticroutes.yaml +++ b/package/crds/magic.cloudflare.upbound.io_staticroutes.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: staticroutes.magic.cloudflare.upbound.io spec: group: magic.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: StaticRoute is the Schema for the StaticRoutes API. + description: StaticRoute is the Schema for the StaticRoutes API. Provides + a resource which manages Cloudflare static routes for Magic Transit or Magic + WAN. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + The ID of the account where the static route is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,72 +154,193 @@ spec: type: object type: object coloNames: + description: Optional list of Cloudflare colocation names for + this static route. items: type: string type: array coloRegions: + description: Optional list of Cloudflare colocation regions for + this static route. items: type: string type: array description: + description: Description of the static route. type: string nexthop: + description: The nexthop IP address where traffic will be routed + to. type: string prefix: + description: Your network prefix using CIDR notation. type: string priority: + description: The priority for the static route. type: number weight: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The optional weight for ECMP routes. + **Modifying this attribute will force creation of a new resource.** type: number - required: - - nexthop - - prefix - - priority type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The ID of the account where the static route is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + coloNames: + description: Optional list of Cloudflare colocation names for + this static route. + items: + type: string + type: array + coloRegions: + description: Optional list of Cloudflare colocation regions for + this static route. + items: + type: string + type: array + description: + description: Description of the static route. + type: string + nexthop: + description: The nexthop IP address where traffic will be routed + to. + type: string + prefix: + description: Your network prefix using CIDR notation. + type: string + priority: + description: The priority for the static route. + type: number + weight: + description: |- + The optional weight for ECMP routes. + **Modifying this attribute will force creation of a new resource.** + type: number type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -216,21 +350,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -240,17 +374,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -260,21 +396,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -289,21 +425,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -314,14 +451,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -336,13 +474,61 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.nexthop is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.nexthop) + || (has(self.initProvider) && has(self.initProvider.nexthop))' + - message: spec.forProvider.prefix is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.prefix) + || (has(self.initProvider) && has(self.initProvider.prefix))' + - message: spec.forProvider.priority is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.priority) + || (has(self.initProvider) && has(self.initProvider.priority))' status: description: StaticRouteStatus defines the observed state of StaticRoute. properties: atProvider: properties: + accountId: + description: |- + The ID of the account where the static route is being created. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + coloNames: + description: Optional list of Cloudflare colocation names for + this static route. + items: + type: string + type: array + coloRegions: + description: Optional list of Cloudflare colocation regions for + this static route. + items: + type: string + type: array + description: + description: Description of the static route. + type: string id: type: string + nexthop: + description: The nexthop IP address where traffic will be routed + to. + type: string + prefix: + description: Your network prefix using CIDR notation. + type: string + priority: + description: The priority for the static route. + type: number + weight: + description: |- + The optional weight for ECMP routes. + **Modifying this attribute will force creation of a new resource.** + type: number type: object conditions: description: Conditions of the resource. @@ -350,13 +536,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -367,8 +555,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -377,6 +566,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -385,9 +577,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/notification.cloudflare.upbound.io_policies.yaml b/package/crds/notification.cloudflare.upbound.io_policies.yaml index ca99a2b..9621868 100644 --- a/package/crds/notification.cloudflare.upbound.io_policies.yaml +++ b/package/crds/notification.cloudflare.upbound.io_policies.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: policies.notification.cloudflare.upbound.io spec: group: notification.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Policy is the Schema for the Policys API. + description: Policy is the Schema for the Policys API. Provides a resource, + that manages a notification policy for Cloudflare's products. The delivery + mechanisms supported are email, webhooks, and PagerDuty. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,178 +154,211 @@ spec: type: object type: object alertType: - description: 'The event type that will trigger the dispatch of - a notification. See the developer documentation for descriptions - of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). - Available values: `billing_usage_alert`, `health_check_status_notification`, - `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, - `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, - `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, - `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, - `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, - `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, - `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, - `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, - `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, - `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, - `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, - `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, - `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, - `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, - `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, - `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, - `stream_live_notifications`, `block_notification_new_block`, - `block_notification_review_rejected`, `block_notification_review_accepted`, - `web_analytics_metrics_update`, `workers_uptime`.' + description: |- + (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. type: string description: - description: Description of the notification policy. + description: |- + (String) Description of the notification policy. + Description of the notification policy. type: string emailIntegration: - description: The email id to which the notification should be - dispatched. One of email, webhooks, or PagerDuty mechanisms - is required. + description: |- + (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. items: properties: id: + description: (String) The ID of this resource. type: string name: + description: (String) The name of the notification policy. type: string - required: - - id type: object type: array enabled: - description: The status of the notification policy. + description: |- + (Boolean) The status of the notification policy. + The status of the notification policy. type: boolean filters: - description: An optional nested block of filters that applies - to the selected `alert_type`. A key-value map that specifies - the type of filter and the values to match against (refer to - the alert type block for available fields). + description: |- + value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) + An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). items: properties: enabled: - description: State of the pool to alert on. + description: |- + (Boolean) The status of the notification policy. + State of the pool to alert on. items: type: string type: array + x-kubernetes-list-type: set eventSource: - description: Source configuration to alert on for pool or - origin. + description: |- + (Set of String) Source configuration to alert on for pool or origin. + Source configuration to alert on for pool or origin. items: type: string type: array + x-kubernetes-list-type: set eventType: - description: Stream event type to alert on. + description: |- + (Set of String) Stream event type to alert on. + Stream event type to alert on. items: type: string type: array + x-kubernetes-list-type: set healthCheckId: - description: Identifier health check. Required when using - `filters.0.status`. + description: |- + (Set of String) Identifier health check. Required when using filters.0.status. + Identifier health check. Required when using `filters.0.status`. items: type: string type: array + x-kubernetes-list-type: set inputId: - description: Stream input id to alert on. + description: |- + (Set of String) Stream input id to alert on. + Stream input id to alert on. items: type: string type: array + x-kubernetes-list-type: set limit: - description: 'A numerical limit. Example: `100`.' + description: |- + (Set of String) A numerical limit. Example: 100. + A numerical limit. Example: `100`. items: type: string type: array + x-kubernetes-list-type: set newHealth: - description: Health status to alert on for pool or origin. + description: |- + (Set of String) Health status to alert on for pool or origin. + Health status to alert on for pool or origin. items: type: string type: array + x-kubernetes-list-type: set packetsPerSecond: - description: Packets per second threshold for dos alert. + description: |- + (Set of String) Packets per second threshold for dos alert. + Packets per second threshold for dos alert. items: type: string type: array + x-kubernetes-list-type: set poolId: - description: Load balancer pool identifier. + description: |- + (Set of String) Load balancer pool identifier. + Load balancer pool identifier. items: type: string type: array + x-kubernetes-list-type: set product: - description: 'Product name. Available values: `worker_requests`, - `worker_durable_objects_requests`, `worker_durable_objects_duration`, - `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, - `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, - `worker_durable_objects_storage_reads`.' + description: |- + (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. + Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. items: type: string type: array + x-kubernetes-list-type: set protocol: - description: Protocol to alert on for dos. + description: |- + (Set of String) Protocol to alert on for dos. + Protocol to alert on for dos. items: type: string type: array + x-kubernetes-list-type: set requestsPerSecond: - description: Requests per second threshold for dos alert. + description: |- + (Set of String) Requests per second threshold for dos alert. + Requests per second threshold for dos alert. items: type: string type: array + x-kubernetes-list-type: set services: + description: (Set of String) items: type: string type: array + x-kubernetes-list-type: set slo: - description: 'A numerical limit. Example: `99.9`.' + description: |- + (Set of String) A numerical limit. Example: 99.9. + A numerical limit. Example: `99.9`. items: type: string type: array + x-kubernetes-list-type: set status: - description: Status to alert on. + description: |- + (Set of String) Status to alert on. + Status to alert on. items: type: string type: array + x-kubernetes-list-type: set targetHost: - description: Target host to alert on for dos. + description: |- + (Set of String) Target host to alert on for dos. + Target host to alert on for dos. items: type: string type: array + x-kubernetes-list-type: set targetZoneName: - description: Target domain to alert on. + description: |- + (Set of String) Target domain to alert on. + Target domain to alert on. items: type: string type: array + x-kubernetes-list-type: set zones: - description: A list of zone identifiers. + description: |- + (Set of String) A list of zone identifiers. + A list of zone identifiers. items: type: string type: array + x-kubernetes-list-type: set type: object type: array name: - description: The name of the notification policy. + description: |- + (String) The name of the notification policy. + The name of the notification policy. type: string pagerdutyIntegration: - description: The unique id of a configured pagerduty endpoint - to which the notification should be dispatched. One of email, - webhooks, or PagerDuty mechanisms is required. + description: |- + (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. items: properties: id: + description: (String) The ID of this resource. type: string name: + description: (String) The name of the notification policy. type: string - required: - - id type: object type: array webhooksIntegration: - description: The unique id of a configured webhooks endpoint to - which the notification should be dispatched. One of email, webhooks, - or PagerDuty mechanisms is required. + description: |- + (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. items: properties: id: + description: (String) The ID of this resource. type: string idRef: description: Reference to a PolicyWebhooks to populate id. @@ -324,22 +371,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -352,9 +398,9 @@ spec: description: Selector for a PolicyWebhooks to populate id. properties: matchControllerRef: - description: MatchControllerRef ensures an object with - the same controller reference as the selecting object - is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -367,22 +413,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -390,56 +435,424 @@ spec: type: object type: object name: + description: (String) The name of the notification policy. type: string type: object type: array - required: - - alertType - - enabled - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + alertType: + description: |- + (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. + type: string + description: + description: |- + (String) Description of the notification policy. + Description of the notification policy. + type: string + emailIntegration: + description: |- + (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array + enabled: + description: |- + (Boolean) The status of the notification policy. + The status of the notification policy. + type: boolean + filters: + description: |- + value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) + An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). + items: + properties: + enabled: + description: |- + (Boolean) The status of the notification policy. + State of the pool to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + eventSource: + description: |- + (Set of String) Source configuration to alert on for pool or origin. + Source configuration to alert on for pool or origin. + items: + type: string + type: array + x-kubernetes-list-type: set + eventType: + description: |- + (Set of String) Stream event type to alert on. + Stream event type to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + healthCheckId: + description: |- + (Set of String) Identifier health check. Required when using filters.0.status. + Identifier health check. Required when using `filters.0.status`. + items: + type: string + type: array + x-kubernetes-list-type: set + inputId: + description: |- + (Set of String) Stream input id to alert on. + Stream input id to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + limit: + description: |- + (Set of String) A numerical limit. Example: 100. + A numerical limit. Example: `100`. + items: + type: string + type: array + x-kubernetes-list-type: set + newHealth: + description: |- + (Set of String) Health status to alert on for pool or origin. + Health status to alert on for pool or origin. + items: + type: string + type: array + x-kubernetes-list-type: set + packetsPerSecond: + description: |- + (Set of String) Packets per second threshold for dos alert. + Packets per second threshold for dos alert. + items: + type: string + type: array + x-kubernetes-list-type: set + poolId: + description: |- + (Set of String) Load balancer pool identifier. + Load balancer pool identifier. + items: + type: string + type: array + x-kubernetes-list-type: set + product: + description: |- + (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. + Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. + items: + type: string + type: array + x-kubernetes-list-type: set + protocol: + description: |- + (Set of String) Protocol to alert on for dos. + Protocol to alert on for dos. + items: + type: string + type: array + x-kubernetes-list-type: set + requestsPerSecond: + description: |- + (Set of String) Requests per second threshold for dos alert. + Requests per second threshold for dos alert. + items: + type: string + type: array + x-kubernetes-list-type: set + services: + description: (Set of String) + items: + type: string + type: array + x-kubernetes-list-type: set + slo: + description: |- + (Set of String) A numerical limit. Example: 99.9. + A numerical limit. Example: `99.9`. + items: + type: string + type: array + x-kubernetes-list-type: set + status: + description: |- + (Set of String) Status to alert on. + Status to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + targetHost: + description: |- + (Set of String) Target host to alert on for dos. + Target host to alert on for dos. + items: + type: string + type: array + x-kubernetes-list-type: set + targetZoneName: + description: |- + (Set of String) Target domain to alert on. + Target domain to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + zones: + description: |- + (Set of String) A list of zone identifiers. + A list of zone identifiers. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + name: + description: |- + (String) The name of the notification policy. + The name of the notification policy. + type: string + pagerdutyIntegration: + description: |- + (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array + webhooksIntegration: + description: |- + (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + idRef: + description: Reference to a PolicyWebhooks to populate id. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + idSelector: + description: Selector for a PolicyWebhooks to populate id. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -449,21 +862,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -473,17 +886,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -493,21 +908,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -522,21 +937,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -547,14 +963,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -569,19 +986,254 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.alertType is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.alertType) + || (has(self.initProvider) && has(self.initProvider.alertType))' + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: PolicyStatus defines the observed state of Policy. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + alertType: + description: |- + (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of available alert types. Available values: billing_usage_alert, health_check_status_notification, g6_pool_toggle_alert, real_origin_monitoring, universal_ssl_event_type, dedicated_ssl_certificate_event_type, custom_ssl_certificate_event_type, access_custom_certificate_expiration_type, zone_aop_custom_certificate_expiration_type, bgp_hijack_notification, http_alert_origin_error, workers_alert, weekly_account_overview, expiring_service_token_alert, secondary_dns_all_primaries_failing, secondary_dns_zone_validation_warning, secondary_dns_primaries_failing, secondary_dns_zone_successfully_updated, dos_attack_l7, dos_attack_l4, advanced_ddos_attack_l7_alert, advanced_ddos_attack_l4_alert, fbm_volumetric_attack, fbm_auto_advertisement, load_balancing_pool_enablement_alert, load_balancing_health_alert, g6_health_alert, http_alert_edge_error, clickhouse_alert_fw_anomaly, clickhouse_alert_fw_ent_anomaly, failing_logpush_job_disabled_alert, scriptmonitor_alert_new_hosts, scriptmonitor_alert_new_scripts, scriptmonitor_alert_new_malicious_scripts, scriptmonitor_alert_new_malicious_url, scriptmonitor_alert_new_code_change_detections, scriptmonitor_alert_new_max_length_script_url, scriptmonitor_alert_new_malicious_hosts, sentinel_alert, hostname_aop_custom_certificate_expiration_type, stream_live_notifications, block_notification_new_block, block_notification_review_rejected, block_notification_review_accepted, web_analytics_metrics_update, workers_uptime. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `billing_usage_alert`, `health_check_status_notification`, `g6_pool_toggle_alert`, `real_origin_monitoring`, `universal_ssl_event_type`, `dedicated_ssl_certificate_event_type`, `custom_ssl_certificate_event_type`, `access_custom_certificate_expiration_type`, `zone_aop_custom_certificate_expiration_type`, `bgp_hijack_notification`, `http_alert_origin_error`, `workers_alert`, `weekly_account_overview`, `expiring_service_token_alert`, `secondary_dns_all_primaries_failing`, `secondary_dns_zone_validation_warning`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `dos_attack_l7`, `dos_attack_l4`, `advanced_ddos_attack_l7_alert`, `advanced_ddos_attack_l4_alert`, `fbm_volumetric_attack`, `fbm_auto_advertisement`, `load_balancing_pool_enablement_alert`, `load_balancing_health_alert`, `g6_health_alert`, `http_alert_edge_error`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `failing_logpush_job_disabled_alert`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_scripts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_max_length_script_url`, `scriptmonitor_alert_new_malicious_hosts`, `sentinel_alert`, `hostname_aop_custom_certificate_expiration_type`, `stream_live_notifications`, `block_notification_new_block`, `block_notification_review_rejected`, `block_notification_review_accepted`, `web_analytics_metrics_update`, `workers_uptime`. + type: string created: - description: When the notification policy was created. + description: |- + (String) When the notification policy was created. + When the notification policy was created. type: string + description: + description: |- + (String) Description of the notification policy. + Description of the notification policy. + type: string + emailIntegration: + description: |- + (Block Set) The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The email id to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array + enabled: + description: |- + (Boolean) The status of the notification policy. + The status of the notification policy. + type: boolean + filters: + description: |- + value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see below for nested schema) + An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). + items: + properties: + enabled: + description: |- + (Boolean) The status of the notification policy. + State of the pool to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + eventSource: + description: |- + (Set of String) Source configuration to alert on for pool or origin. + Source configuration to alert on for pool or origin. + items: + type: string + type: array + x-kubernetes-list-type: set + eventType: + description: |- + (Set of String) Stream event type to alert on. + Stream event type to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + healthCheckId: + description: |- + (Set of String) Identifier health check. Required when using filters.0.status. + Identifier health check. Required when using `filters.0.status`. + items: + type: string + type: array + x-kubernetes-list-type: set + inputId: + description: |- + (Set of String) Stream input id to alert on. + Stream input id to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + limit: + description: |- + (Set of String) A numerical limit. Example: 100. + A numerical limit. Example: `100`. + items: + type: string + type: array + x-kubernetes-list-type: set + newHealth: + description: |- + (Set of String) Health status to alert on for pool or origin. + Health status to alert on for pool or origin. + items: + type: string + type: array + x-kubernetes-list-type: set + packetsPerSecond: + description: |- + (Set of String) Packets per second threshold for dos alert. + Packets per second threshold for dos alert. + items: + type: string + type: array + x-kubernetes-list-type: set + poolId: + description: |- + (Set of String) Load balancer pool identifier. + Load balancer pool identifier. + items: + type: string + type: array + x-kubernetes-list-type: set + product: + description: |- + (Set of String) Product name. Available values: worker_requests, worker_durable_objects_requests, worker_durable_objects_duration, worker_durable_objects_data_transfer, worker_durable_objects_stored_data, worker_durable_objects_storage_deletes, worker_durable_objects_storage_writes, worker_durable_objects_storage_reads. + Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`. + items: + type: string + type: array + x-kubernetes-list-type: set + protocol: + description: |- + (Set of String) Protocol to alert on for dos. + Protocol to alert on for dos. + items: + type: string + type: array + x-kubernetes-list-type: set + requestsPerSecond: + description: |- + (Set of String) Requests per second threshold for dos alert. + Requests per second threshold for dos alert. + items: + type: string + type: array + x-kubernetes-list-type: set + services: + description: (Set of String) + items: + type: string + type: array + x-kubernetes-list-type: set + slo: + description: |- + (Set of String) A numerical limit. Example: 99.9. + A numerical limit. Example: `99.9`. + items: + type: string + type: array + x-kubernetes-list-type: set + status: + description: |- + (Set of String) Status to alert on. + Status to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + targetHost: + description: |- + (Set of String) Target host to alert on for dos. + Target host to alert on for dos. + items: + type: string + type: array + x-kubernetes-list-type: set + targetZoneName: + description: |- + (Set of String) Target domain to alert on. + Target domain to alert on. + items: + type: string + type: array + x-kubernetes-list-type: set + zones: + description: |- + (Set of String) A list of zone identifiers. + A list of zone identifiers. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array id: + description: (String) The ID of this resource. type: string modified: - description: When the notification policy was last modified. + description: |- + (String) When the notification policy was last modified. + When the notification policy was last modified. + type: string + name: + description: |- + (String) The name of the notification policy. + The name of the notification policy. type: string + pagerdutyIntegration: + description: |- + (Block Set) The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured pagerduty endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array + webhooksIntegration: + description: |- + (Block Set) The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. (see below for nested schema) + The unique id of a configured webhooks endpoint to which the notification should be dispatched. One of email, webhooks, or PagerDuty mechanisms is required. + items: + properties: + id: + description: (String) The ID of this resource. + type: string + name: + description: (String) The name of the notification policy. + type: string + type: object + type: array type: object conditions: description: Conditions of the resource. @@ -589,13 +1241,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -606,8 +1260,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -616,6 +1271,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -624,9 +1282,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/notification.cloudflare.upbound.io_policywebhooks.yaml b/package/crds/notification.cloudflare.upbound.io_policywebhooks.yaml index 9d756b7..858defc 100644 --- a/package/crds/notification.cloudflare.upbound.io_policywebhooks.yaml +++ b/package/crds/notification.cloudflare.upbound.io_policywebhooks.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: policywebhooks.notification.cloudflare.upbound.io spec: group: notification.cloudflare.upbound.io @@ -35,18 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: PolicyWebhooks is the Schema for the PolicyWebhookss API. + description: PolicyWebhooks is the Schema for the PolicyWebhookss API. Provides + a resource to create and manage webhooks destinations for Cloudflare's notification + policies. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The ID of the account for which the webhook destination has to be connected. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,56 +154,157 @@ spec: type: object type: object name: + description: The name of the webhook destination. type: string secret: + description: |- + An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + Secrets are not returned in any API response body. + Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. type: string url: + description: The URL of the webhook destinations. type: string - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The ID of the account for which the webhook destination has to be connected. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + name: + description: The name of the webhook destination. + type: string + secret: + description: |- + An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + Secrets are not returned in any API response body. + Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. + type: string + url: + description: The URL of the webhook destinations. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -200,21 +314,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -224,17 +338,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -244,21 +360,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -273,21 +389,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -298,14 +415,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -320,11 +438,21 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: PolicyWebhooksStatus defines the observed state of PolicyWebhooks. properties: atProvider: properties: + accountId: + description: |- + The ID of the account for which the webhook destination has to be connected. + The account identifier to target for the resource. + type: string createdAt: type: string id: @@ -333,8 +461,20 @@ spec: type: string lastSuccess: type: string + name: + description: The name of the webhook destination. + type: string + secret: + description: |- + An optional secret can be provided that will be passed in the cf-webhook-auth header when dispatching a webhook notification. + Secrets are not returned in any API response body. + Refer to the documentation for more details - https://api.cloudflare.com/#notification-webhooks-create-webhook. + type: string type: type: string + url: + description: The URL of the webhook destinations. + type: string type: object conditions: description: Conditions of the resource. @@ -342,13 +482,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -359,8 +501,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -369,6 +512,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -377,9 +523,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/originca.cloudflare.upbound.io_certificates.yaml b/package/crds/originca.cloudflare.upbound.io_certificates.yaml index ba28c42..f7336a0 100644 --- a/package/crds/originca.cloudflare.upbound.io_certificates.yaml +++ b/package/crds/originca.cloudflare.upbound.io_certificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: certificates.originca.cloudflare.upbound.io spec: group: originca.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Certificate is the Schema for the Certificates API. + description: Certificate is the Schema for the Certificates API. Provides + a Cloudflare Origin CA certificate used to protect traffic to your origin + without involving a third party Certificate Authority. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,75 +75,104 @@ spec: forProvider: properties: csr: - description: The Certificate Signing Request. Must be newline-encoded. - **Modifying this attribute will force creation of a new resource.** + description: |- + encoded. Modifying this attribute will force creation of a new resource. + The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** type: string hostnames: - description: A list of hostnames or wildcard names bound to the - certificate. **Modifying this attribute will force creation - of a new resource.** + description: |- + (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** items: type: string type: array + x-kubernetes-list-type: set minDaysForRenewal: type: number requestType: - description: 'The signature type desired on the certificate. Available - values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying - this attribute will force creation of a new resource.**' + description: |- + rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. + The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** type: string requestedValidity: - description: 'The number of days for which the certificate should - be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, - `5475`. **Modifying this attribute will force creation of a - new resource.**' + description: |- + (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. + The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** type: number - required: - - hostnames - - requestType type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + csr: + description: |- + encoded. Modifying this attribute will force creation of a new resource. + The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name + hostnames: + description: |- + (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** + items: + type: string + type: array + x-kubernetes-list-type: set + minDaysForRenewal: + type: number + requestType: + description: |- + rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. + The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** + type: string + requestedValidity: + description: |- + (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. + The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** + type: number type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -142,21 +182,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -166,17 +206,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -186,21 +228,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -215,21 +257,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -240,14 +283,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -262,19 +306,58 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.hostnames is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.hostnames) + || (has(self.initProvider) && has(self.initProvider.hostnames))' + - message: spec.forProvider.requestType is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.requestType) + || (has(self.initProvider) && has(self.initProvider.requestType))' status: description: CertificateStatus defines the observed state of Certificate. properties: atProvider: properties: certificate: - description: The Origin CA certificate. + description: |- + (String) The Origin CA certificate. + The Origin CA certificate. + type: string + csr: + description: |- + encoded. Modifying this attribute will force creation of a new resource. + The Certificate Signing Request. Must be newline-encoded. **Modifying this attribute will force creation of a new resource.** type: string expiresOn: - description: The datetime when the certificate will expire. + description: |- + (String) The datetime when the certificate will expire. + The datetime when the certificate will expire. type: string + hostnames: + description: |- + (Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource. + A list of hostnames or wildcard names bound to the certificate. **Modifying this attribute will force creation of a new resource.** + items: + type: string + type: array + x-kubernetes-list-type: set id: + description: (String) The ID of this resource. type: string + minDaysForRenewal: + type: number + requestType: + description: |- + rsa, origin-ecc, keyless-certificate. Modifying this attribute will force creation of a new resource. + The signature type desired on the certificate. Available values: `origin-rsa`, `origin-ecc`, `keyless-certificate`. **Modifying this attribute will force creation of a new resource.** + type: string + requestedValidity: + description: |- + (Number) The number of days for which the certificate should be valid. Available values: 7, 30, 90, 365, 730, 1095, 5475. Modifying this attribute will force creation of a new resource. + The number of days for which the certificate should be valid. Available values: `7`, `30`, `90`, `365`, `730`, `1095`, `5475`. **Modifying this attribute will force creation of a new resource.** + type: number type: object conditions: description: Conditions of the resource. @@ -282,13 +365,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -299,8 +384,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -309,6 +395,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -317,9 +406,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/page.cloudflare.upbound.io_rules.yaml b/package/crds/page.cloudflare.upbound.io_rules.yaml index b917b77..4bd28ea 100644 --- a/package/crds/page.cloudflare.upbound.io_rules.yaml +++ b/package/crds/page.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.page.cloudflare.upbound.io spec: group: page.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Provides a Cloudflare page + rule resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,207 +74,316 @@ spec: forProvider: properties: actions: + description: The actions taken by the page rule, options given + below. items: properties: alwaysUseHttps: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean automaticHttpsRewrites: + description: Whether this action is "on" or "off". type: string browserCacheTtl: + description: The Time To Live for the browser cache. 0 means + 'Respect Existing Headers' type: string browserCheck: + description: Whether this action is "on" or "off". type: string bypassCacheOnCookie: + description: String value of cookie name to conditionally + bypass cache the page. type: string cacheByDeviceType: + description: Whether this action is "on" or "off". type: string cacheDeceptionArmor: + description: Whether this action is "on" or "off". type: string cacheKeyFields: + description: Controls how Cloudflare creates Cache Keys + used to identify files in cache. See below for full description. items: properties: cookie: + description: 'Controls what cookies go into Cache + Key:' items: properties: checkPresence: + description: Check for presence of specified + cookies, without including their actual values. items: type: string type: array + x-kubernetes-list-type: set include: + description: Use values of specified cookies + in Cache Key. items: type: string type: array + x-kubernetes-list-type: set type: object type: array header: + description: 'Controls what HTTP headers go into Cache + Key:' items: properties: checkPresence: + description: Check for presence of specified + cookies, without including their actual values. items: type: string type: array + x-kubernetes-list-type: set exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. items: type: string type: array + x-kubernetes-list-type: set include: + description: Use values of specified cookies + in Cache Key. items: type: string type: array + x-kubernetes-list-type: set type: object type: array host: + description: 'Controls which Host header goes into + Cache Key:' items: properties: resolved: - description: Defaults to `false`. + description: |- + false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). + Defaults to `false`. type: boolean type: object type: array queryString: + description: Controls which URL query string parameters + go into the Cache Key. items: properties: exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. items: type: string type: array + x-kubernetes-list-type: set ignore: + description: false (default) - all query string + parameters are used for Cache Key, unless + explicitly excluded; true - all query string + parameters are ignored; value should be false + if any of exclude or include is non-empty. type: boolean include: + description: Use values of specified cookies + in Cache Key. items: type: string type: array + x-kubernetes-list-type: set type: object type: array user: + description: Controls which end user-related features + go into the Cache Key. items: properties: deviceType: + description: true - classifies a request as + “mobile”, “desktop”, or “tablet” based on + the User Agent; defaults to false. type: boolean geo: + description: true - includes the client’s country, + derived from the IP address; defaults to false. type: boolean lang: + description: true - includes the first language + code contained in the Accept-Language header + sent by the client; defaults to false. type: boolean type: object type: array - required: - - cookie - - header - - host - - queryString - - user type: object type: array cacheLevel: + description: Whether to set the cache level to "bypass", + "basic", "simplified", "aggressive", or "cache_everything". type: string cacheOnCookie: + description: String value of cookie name to conditionally + cache the page. type: string cacheTtlByStatus: + description: Set cache TTL based on the response status + from the origin web server. Can be specified multiple + times. See below for full description. items: properties: codes: + description: A HTTP code (e.g. 404) or range of codes + (e.g. 400-499) type: string ttl: + description: Duration a resource lives in the Cloudflare + cache. type: number - required: - - codes - - ttl type: object type: array disableApps: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean disablePerformance: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean disableRailgun: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean disableSecurity: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean disableZaraz: - description: Defaults to `false`. + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. type: boolean edgeCacheTtl: + description: The Time To Live for the edge cache. type: number emailObfuscation: + description: Whether this action is "on" or "off". type: string explicitCacheControl: + description: Whether origin Cache-Control action is "on" + or "off". type: string forwardingUrl: + description: The URL to forward to, and with what status. + See below. items: properties: statusCode: + description: The status code to use for the redirection. type: number url: + description: The URL to which the page rule should + forward. type: string - required: - - statusCode - - url type: object type: array hostHeaderOverride: + description: Value of the Host header to send. type: string ipGeolocation: + description: Whether this action is "on" or "off". type: string minify: + description: The configuration for HTML, CSS and JS minification. + See below for full list of options. items: properties: css: + description: Whether CSS should be minified. Valid + values are "on" or "off". type: string html: + description: Whether HTML should be minified. Valid + values are "on" or "off". type: string js: + description: Whether Javascript should be minified. + Valid values are "on" or "off". type: string - required: - - css - - html - - js type: object type: array mirage: + description: Whether this action is "on" or "off". type: string opportunisticEncryption: + description: Whether this action is "on" or "off". type: string originErrorPagePassThru: + description: Whether this action is "on" or "off". type: string polish: + description: Whether this action is "off", "lossless" or + "lossy". type: string resolveOverride: + description: Overridden origin server name. type: string respectStrongEtag: + description: Whether this action is "on" or "off". type: string responseBuffering: + description: Whether this action is "on" or "off". type: string rocketLoader: + description: Whether to set the rocket loader to "on", "off". type: string securityLevel: + description: Whether to set the security level to "off", + "essentially_off", "low", "medium", "high", or "under_attack". type: string serverSideExclude: + description: Whether this action is "on" or "off". type: string sortQueryStringForCache: + description: Whether this action is "on" or "off". type: string ssl: + description: Whether to set the SSL mode to "off", "flexible", + "full", "strict", or "origin_pull". type: string trueClientIpHeader: + description: Whether this action is "on" or "off". type: string waf: + description: Whether this action is "on" or "off". type: string type: object type: array priority: - description: Defaults to `1`. + description: |- + The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. + Defaults to `1`. type: number status: - description: Defaults to `active`. + description: |- + Whether the page rule is active or disabled. + Defaults to `active`. type: string target: + description: The URL pattern to target with the page rule. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to which the page rule should be added. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -277,21 +396,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -304,8 +423,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -318,73 +438,462 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - actions - - target type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + actions: + description: The actions taken by the page rule, options given + below. + items: + properties: + alwaysUseHttps: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + automaticHttpsRewrites: + description: Whether this action is "on" or "off". + type: string + browserCacheTtl: + description: The Time To Live for the browser cache. 0 means + 'Respect Existing Headers' + type: string + browserCheck: + description: Whether this action is "on" or "off". + type: string + bypassCacheOnCookie: + description: String value of cookie name to conditionally + bypass cache the page. + type: string + cacheByDeviceType: + description: Whether this action is "on" or "off". + type: string + cacheDeceptionArmor: + description: Whether this action is "on" or "off". + type: string + cacheKeyFields: + description: Controls how Cloudflare creates Cache Keys + used to identify files in cache. See below for full description. + items: + properties: + cookie: + description: 'Controls what cookies go into Cache + Key:' + items: + properties: + checkPresence: + description: Check for presence of specified + cookies, without including their actual values. + items: + type: string + type: array + x-kubernetes-list-type: set + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + header: + description: 'Controls what HTTP headers go into Cache + Key:' + items: + properties: + checkPresence: + description: Check for presence of specified + cookies, without including their actual values. + items: + type: string + type: array + x-kubernetes-list-type: set + exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. + items: + type: string + type: array + x-kubernetes-list-type: set + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + host: + description: 'Controls which Host header goes into + Cache Key:' + items: + properties: + resolved: + description: |- + false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). + Defaults to `false`. + type: boolean + type: object + type: array + queryString: + description: Controls which URL query string parameters + go into the Cache Key. + items: + properties: + exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. + items: + type: string + type: array + x-kubernetes-list-type: set + ignore: + description: false (default) - all query string + parameters are used for Cache Key, unless + explicitly excluded; true - all query string + parameters are ignored; value should be false + if any of exclude or include is non-empty. + type: boolean + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + user: + description: Controls which end user-related features + go into the Cache Key. + items: + properties: + deviceType: + description: true - classifies a request as + “mobile”, “desktop”, or “tablet” based on + the User Agent; defaults to false. + type: boolean + geo: + description: true - includes the client’s country, + derived from the IP address; defaults to false. + type: boolean + lang: + description: true - includes the first language + code contained in the Accept-Language header + sent by the client; defaults to false. + type: boolean + type: object + type: array + type: object + type: array + cacheLevel: + description: Whether to set the cache level to "bypass", + "basic", "simplified", "aggressive", or "cache_everything". + type: string + cacheOnCookie: + description: String value of cookie name to conditionally + cache the page. + type: string + cacheTtlByStatus: + description: Set cache TTL based on the response status + from the origin web server. Can be specified multiple + times. See below for full description. + items: + properties: + codes: + description: A HTTP code (e.g. 404) or range of codes + (e.g. 400-499) + type: string + ttl: + description: Duration a resource lives in the Cloudflare + cache. + type: number + type: object + type: array + disableApps: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disablePerformance: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableRailgun: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableSecurity: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableZaraz: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + edgeCacheTtl: + description: The Time To Live for the edge cache. + type: number + emailObfuscation: + description: Whether this action is "on" or "off". + type: string + explicitCacheControl: + description: Whether origin Cache-Control action is "on" + or "off". + type: string + forwardingUrl: + description: The URL to forward to, and with what status. + See below. + items: + properties: + statusCode: + description: The status code to use for the redirection. + type: number + url: + description: The URL to which the page rule should + forward. + type: string + type: object + type: array + hostHeaderOverride: + description: Value of the Host header to send. + type: string + ipGeolocation: + description: Whether this action is "on" or "off". + type: string + minify: + description: The configuration for HTML, CSS and JS minification. + See below for full list of options. + items: + properties: + css: + description: Whether CSS should be minified. Valid + values are "on" or "off". + type: string + html: + description: Whether HTML should be minified. Valid + values are "on" or "off". + type: string + js: + description: Whether Javascript should be minified. + Valid values are "on" or "off". + type: string + type: object + type: array + mirage: + description: Whether this action is "on" or "off". + type: string + opportunisticEncryption: + description: Whether this action is "on" or "off". + type: string + originErrorPagePassThru: + description: Whether this action is "on" or "off". + type: string + polish: + description: Whether this action is "off", "lossless" or + "lossy". + type: string + resolveOverride: + description: Overridden origin server name. + type: string + respectStrongEtag: + description: Whether this action is "on" or "off". + type: string + responseBuffering: + description: Whether this action is "on" or "off". + type: string + rocketLoader: + description: Whether to set the rocket loader to "on", "off". + type: string + securityLevel: + description: Whether to set the security level to "off", + "essentially_off", "low", "medium", "high", or "under_attack". + type: string + serverSideExclude: + description: Whether this action is "on" or "off". + type: string + sortQueryStringForCache: + description: Whether this action is "on" or "off". + type: string + ssl: + description: Whether to set the SSL mode to "off", "flexible", + "full", "strict", or "origin_pull". + type: string + trueClientIpHeader: + description: Whether this action is "on" or "off". + type: string + waf: + description: Whether this action is "on" or "off". + type: string + type: object + type: array + priority: + description: |- + The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. + Defaults to `1`. + type: number + status: + description: |- + Whether the page rule is active or disabled. + Defaults to `active`. type: string - policy: - description: Policies for referencing. + target: + description: The URL pattern to target with the page rule. + type: string + zoneId: + description: |- + The DNS zone ID to which the page rule should be added. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -394,21 +903,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -418,17 +927,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -438,21 +949,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -467,21 +978,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -492,14 +1004,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -514,12 +1027,334 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.actions is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.actions) + || (has(self.initProvider) && has(self.initProvider.actions))' + - message: spec.forProvider.target is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.target) + || (has(self.initProvider) && has(self.initProvider.target))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: + actions: + description: The actions taken by the page rule, options given + below. + items: + properties: + alwaysUseHttps: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + automaticHttpsRewrites: + description: Whether this action is "on" or "off". + type: string + browserCacheTtl: + description: The Time To Live for the browser cache. 0 means + 'Respect Existing Headers' + type: string + browserCheck: + description: Whether this action is "on" or "off". + type: string + bypassCacheOnCookie: + description: String value of cookie name to conditionally + bypass cache the page. + type: string + cacheByDeviceType: + description: Whether this action is "on" or "off". + type: string + cacheDeceptionArmor: + description: Whether this action is "on" or "off". + type: string + cacheKeyFields: + description: Controls how Cloudflare creates Cache Keys + used to identify files in cache. See below for full description. + items: + properties: + cookie: + description: 'Controls what cookies go into Cache + Key:' + items: + properties: + checkPresence: + description: Check for presence of specified + cookies, without including their actual values. + items: + type: string + type: array + x-kubernetes-list-type: set + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + header: + description: 'Controls what HTTP headers go into Cache + Key:' + items: + properties: + checkPresence: + description: Check for presence of specified + cookies, without including their actual values. + items: + type: string + type: array + x-kubernetes-list-type: set + exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. + items: + type: string + type: array + x-kubernetes-list-type: set + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + host: + description: 'Controls which Host header goes into + Cache Key:' + items: + properties: + resolved: + description: |- + false (default) - includes the Host header in the HTTP request sent to the origin; true - includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule). + Defaults to `false`. + type: boolean + type: object + type: array + queryString: + description: Controls which URL query string parameters + go into the Cache Key. + items: + properties: + exclude: + description: Exclude these HTTP headers from + Cache Key. Currently, only the Origin header + can be excluded. + items: + type: string + type: array + x-kubernetes-list-type: set + ignore: + description: false (default) - all query string + parameters are used for Cache Key, unless + explicitly excluded; true - all query string + parameters are ignored; value should be false + if any of exclude or include is non-empty. + type: boolean + include: + description: Use values of specified cookies + in Cache Key. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + user: + description: Controls which end user-related features + go into the Cache Key. + items: + properties: + deviceType: + description: true - classifies a request as + “mobile”, “desktop”, or “tablet” based on + the User Agent; defaults to false. + type: boolean + geo: + description: true - includes the client’s country, + derived from the IP address; defaults to false. + type: boolean + lang: + description: true - includes the first language + code contained in the Accept-Language header + sent by the client; defaults to false. + type: boolean + type: object + type: array + type: object + type: array + cacheLevel: + description: Whether to set the cache level to "bypass", + "basic", "simplified", "aggressive", or "cache_everything". + type: string + cacheOnCookie: + description: String value of cookie name to conditionally + cache the page. + type: string + cacheTtlByStatus: + description: Set cache TTL based on the response status + from the origin web server. Can be specified multiple + times. See below for full description. + items: + properties: + codes: + description: A HTTP code (e.g. 404) or range of codes + (e.g. 400-499) + type: string + ttl: + description: Duration a resource lives in the Cloudflare + cache. + type: number + type: object + type: array + disableApps: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disablePerformance: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableRailgun: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableSecurity: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + disableZaraz: + description: |- + Boolean of whether this action is enabled. Default: false. + Defaults to `false`. + type: boolean + edgeCacheTtl: + description: The Time To Live for the edge cache. + type: number + emailObfuscation: + description: Whether this action is "on" or "off". + type: string + explicitCacheControl: + description: Whether origin Cache-Control action is "on" + or "off". + type: string + forwardingUrl: + description: The URL to forward to, and with what status. + See below. + items: + properties: + statusCode: + description: The status code to use for the redirection. + type: number + url: + description: The URL to which the page rule should + forward. + type: string + type: object + type: array + hostHeaderOverride: + description: Value of the Host header to send. + type: string + ipGeolocation: + description: Whether this action is "on" or "off". + type: string + minify: + description: The configuration for HTML, CSS and JS minification. + See below for full list of options. + items: + properties: + css: + description: Whether CSS should be minified. Valid + values are "on" or "off". + type: string + html: + description: Whether HTML should be minified. Valid + values are "on" or "off". + type: string + js: + description: Whether Javascript should be minified. + Valid values are "on" or "off". + type: string + type: object + type: array + mirage: + description: Whether this action is "on" or "off". + type: string + opportunisticEncryption: + description: Whether this action is "on" or "off". + type: string + originErrorPagePassThru: + description: Whether this action is "on" or "off". + type: string + polish: + description: Whether this action is "off", "lossless" or + "lossy". + type: string + resolveOverride: + description: Overridden origin server name. + type: string + respectStrongEtag: + description: Whether this action is "on" or "off". + type: string + responseBuffering: + description: Whether this action is "on" or "off". + type: string + rocketLoader: + description: Whether to set the rocket loader to "on", "off". + type: string + securityLevel: + description: Whether to set the security level to "off", + "essentially_off", "low", "medium", "high", or "under_attack". + type: string + serverSideExclude: + description: Whether this action is "on" or "off". + type: string + sortQueryStringForCache: + description: Whether this action is "on" or "off". + type: string + ssl: + description: Whether to set the SSL mode to "off", "flexible", + "full", "strict", or "origin_pull". + type: string + trueClientIpHeader: + description: Whether this action is "on" or "off". + type: string + waf: + description: Whether this action is "on" or "off". + type: string + type: object + type: array id: + description: The page rule ID. + type: string + priority: + description: |- + The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation. + Defaults to `1`. + type: number + status: + description: |- + Whether the page rule is active or disabled. + Defaults to `active`. + type: string + target: + description: The URL pattern to target with the page rule. + type: string + zoneId: + description: |- + The DNS zone ID to which the page rule should be added. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -528,13 +1363,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -545,8 +1382,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -555,6 +1393,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -563,9 +1404,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/pages.cloudflare.upbound.io_domains.yaml b/package/crds/pages.cloudflare.upbound.io_domains.yaml index 7f06c97..5982a92 100644 --- a/package/crds/pages.cloudflare.upbound.io_domains.yaml +++ b/package/crds/pages.cloudflare.upbound.io_domains.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: domains.pages.cloudflare.upbound.io spec: group: pages.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Domain is the Schema for the Domains API. + description: Domain is the Schema for the Domains API. Provides a resource + for managing Cloudflare Pages domains. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,12 +153,14 @@ spec: type: object type: object domain: - description: Custom domain. **Modifying this attribute will force - creation of a new resource.** + description: |- + (String) Custom domain. Modifying this attribute will force creation of a new resource. + Custom domain. **Modifying this attribute will force creation of a new resource.** type: string projectName: - description: Name of the Pages Project. **Modifying this attribute - will force creation of a new resource.** + description: |- + (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** type: string projectNameRef: description: Reference to a Project to populate projectName. @@ -159,21 +173,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -186,8 +200,9 @@ spec: description: Selector for a Project to populate projectName. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -200,72 +215,239 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - domain type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + domain: + description: |- + (String) Custom domain. Modifying this attribute will force creation of a new resource. + Custom domain. **Modifying this attribute will force creation of a new resource.** + type: string + projectName: + description: |- + (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** + type: string + projectNameRef: + description: Reference to a Project to populate projectName. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + projectNameSelector: + description: Selector for a Project to populate projectName. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -275,21 +457,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -299,17 +481,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -319,21 +503,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -348,21 +532,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -373,14 +558,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -395,15 +581,38 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.domain is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.domain) + || (has(self.initProvider) && has(self.initProvider.domain))' status: description: DomainStatus defines the observed state of Domain. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The account identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + domain: + description: |- + (String) Custom domain. Modifying this attribute will force creation of a new resource. + Custom domain. **Modifying this attribute will force creation of a new resource.** + type: string id: + description: (String) The ID of this resource. + type: string + projectName: + description: |- + (String) Name of the Pages Project. Modifying this attribute will force creation of a new resource. + Name of the Pages Project. **Modifying this attribute will force creation of a new resource.** type: string status: - description: Status of the custom domain. + description: |- + (String) Status of the custom domain. + Status of the custom domain. type: string type: object conditions: @@ -412,13 +621,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -429,8 +640,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -439,6 +651,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -447,9 +662,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/pages.cloudflare.upbound.io_projects.yaml b/package/crds/pages.cloudflare.upbound.io_projects.yaml index 359add3..3df1364 100644 --- a/package/crds/pages.cloudflare.upbound.io_projects.yaml +++ b/package/crds/pages.cloudflare.upbound.io_projects.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: projects.pages.cloudflare.upbound.io spec: group: pages.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Project is the Schema for the Projects API. + description: Project is the Schema for the Projects API. Provides a resource + which manages Cloudflare Pages projects. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,220 +153,615 @@ spec: type: object type: object buildConfig: - description: Configuration for the project build process. + description: |- + (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) + Configuration for the project build process. items: properties: buildCommand: - description: Command used to build project. + description: |- + (String) Command used to build project. + Command used to build project. type: string destinationDir: - description: Output directory of the build. + description: |- + (String) Output directory of the build. + Output directory of the build. type: string rootDir: - description: Directory to run the command. + description: |- + (String) Directory to run the command. + Directory to run the command. type: string webAnalyticsTag: - description: The classifying tag for analytics. + description: |- + (String) The classifying tag for analytics. + The classifying tag for analytics. type: string webAnalyticsToken: - description: The auth token for analytics. + description: |- + (String) The auth token for analytics. + The auth token for analytics. type: string type: object type: array deploymentConfigs: - description: Configuration for deployments in a project. + description: |- + (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) + Configuration for deployments in a project. items: properties: preview: - description: Configuration for preview deploys. + description: |- + (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) + Configuration for preview deploys. items: properties: compatibilityDate: - description: Compatibility date used for Pages Functions. + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. type: string compatibilityFlags: - description: Compatibility flags used for Pages Functions. + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. items: type: string type: array d1Databases: additionalProperties: type: string - description: D1 Databases used for Pages Functions. + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. type: object + x-kubernetes-map-type: granular durableObjectNamespaces: additionalProperties: type: string - description: Durable Object namespaces used for Pages - Functions. + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. type: object + x-kubernetes-map-type: granular environmentVariables: additionalProperties: type: string - description: Environment variables for Pages Functions. + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. type: object + x-kubernetes-map-type: granular kvNamespaces: additionalProperties: type: string - description: KV namespaces used for Pages Functions. + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. type: object + x-kubernetes-map-type: granular r2Buckets: additionalProperties: type: string - description: R2 Buckets used for Pages Functions. + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. type: object + x-kubernetes-map-type: granular type: object type: array production: - description: Configuration for production deploys. + description: |- + (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) + Configuration for production deploys. items: properties: compatibilityDate: - description: Compatibility date used for Pages Functions. + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. type: string compatibilityFlags: - description: Compatibility flags used for Pages Functions. + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. items: type: string type: array d1Databases: additionalProperties: type: string - description: D1 Databases used for Pages Functions. + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. type: object + x-kubernetes-map-type: granular durableObjectNamespaces: additionalProperties: type: string - description: Durable Object namespaces used for Pages - Functions. + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. type: object + x-kubernetes-map-type: granular environmentVariables: additionalProperties: type: string - description: Environment variables for Pages Functions. + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. type: object + x-kubernetes-map-type: granular kvNamespaces: additionalProperties: type: string - description: KV namespaces used for Pages Functions. + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. type: object + x-kubernetes-map-type: granular r2Buckets: additionalProperties: type: string - description: R2 Buckets used for Pages Functions. + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. type: object + x-kubernetes-map-type: granular type: object type: array type: object type: array name: - description: Name of the project. + description: |- + (String) Name of the project. + Name of the project. type: string productionBranch: - description: The name of the branch that is used for the production - environment. + description: |- + (String) The name of the branch that is used for the production environment. + The name of the branch that is used for the production environment. type: string source: - description: Configuration for the project source. + description: |- + (Block List, Max: 1) Configuration for the project source. (see below for nested schema) + Configuration for the project source. items: properties: config: - description: Configuration for the source of the Cloudflare - Pages project. + description: |- + (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) + Configuration for the source of the Cloudflare Pages project. items: properties: deploymentsEnabled: - description: Toggle deployments on this repo. Defaults - to `true`. + description: |- + (Boolean) Toggle deployments on this repo. Defaults to true. + Toggle deployments on this repo. Defaults to `true`. type: boolean owner: - description: Project owner username. + description: |- + (String) Project owner username. + Project owner username. type: string prCommentsEnabled: - description: Enable Pages to comment on Pull Requests. - Defaults to `true`. + description: |- + (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + Enable Pages to comment on Pull Requests. Defaults to `true`. type: boolean previewBranchExcludes: - description: Branches will be excluded from automatic - deployment. + description: |- + (List of String) Branches will be excluded from automatic deployment. + Branches will be excluded from automatic deployment. items: type: string type: array previewBranchIncludes: - description: Branches will be included for automatic - deployment. + description: |- + (List of String) Branches will be included for automatic deployment. + Branches will be included for automatic deployment. items: type: string type: array previewDeploymentSetting: - description: Preview Deployment Setting. Defaults - to `all`. + description: |- + (String) Preview Deployment Setting. Defaults to all. + Preview Deployment Setting. Defaults to `all`. type: string productionBranch: - description: Project production branch name. + description: |- + (String) The name of the branch that is used for the production environment. + Project production branch name. type: string productionDeploymentEnabled: - description: Enable production deployments. Defaults - to `true`. + description: |- + (Boolean) Enable production deployments. Defaults to true. + Enable production deployments. Defaults to `true`. type: boolean repoName: - description: Project repository name. + description: |- + (String) Project repository name. + Project repository name. type: string - required: - - productionBranch type: object type: array type: - description: Project host type. + description: |- + (String) Project host type. + Project host type. type: string type: object type: array - required: - - name - - productionBranch type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + buildConfig: + description: |- + (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) + Configuration for the project build process. + items: + properties: + buildCommand: + description: |- + (String) Command used to build project. + Command used to build project. + type: string + destinationDir: + description: |- + (String) Output directory of the build. + Output directory of the build. + type: string + rootDir: + description: |- + (String) Directory to run the command. + Directory to run the command. + type: string + webAnalyticsTag: + description: |- + (String) The classifying tag for analytics. + The classifying tag for analytics. + type: string + webAnalyticsToken: + description: |- + (String) The auth token for analytics. + The auth token for analytics. + type: string + type: object + type: array + deploymentConfigs: + description: |- + (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) + Configuration for deployments in a project. + items: + properties: + preview: + description: |- + (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) + Configuration for preview deploys. + items: + properties: + compatibilityDate: + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. + type: string + compatibilityFlags: + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. + items: + type: string + type: array + d1Databases: + additionalProperties: + type: string + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. + type: object + x-kubernetes-map-type: granular + durableObjectNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + environmentVariables: + additionalProperties: + type: string + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. + type: object + x-kubernetes-map-type: granular + kvNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + r2Buckets: + additionalProperties: + type: string + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. + type: object + x-kubernetes-map-type: granular + type: object + type: array + production: + description: |- + (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) + Configuration for production deploys. + items: + properties: + compatibilityDate: + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. + type: string + compatibilityFlags: + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. + items: + type: string + type: array + d1Databases: + additionalProperties: + type: string + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. + type: object + x-kubernetes-map-type: granular + durableObjectNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + environmentVariables: + additionalProperties: + type: string + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. + type: object + x-kubernetes-map-type: granular + kvNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + r2Buckets: + additionalProperties: + type: string + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. + type: object + x-kubernetes-map-type: granular + type: object + type: array + type: object + type: array + name: + description: |- + (String) Name of the project. + Name of the project. + type: string + productionBranch: + description: |- + (String) The name of the branch that is used for the production environment. + The name of the branch that is used for the production environment. + type: string + source: + description: |- + (Block List, Max: 1) Configuration for the project source. (see below for nested schema) + Configuration for the project source. + items: + properties: + config: + description: |- + (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) + Configuration for the source of the Cloudflare Pages project. + items: + properties: + deploymentsEnabled: + description: |- + (Boolean) Toggle deployments on this repo. Defaults to true. + Toggle deployments on this repo. Defaults to `true`. + type: boolean + owner: + description: |- + (String) Project owner username. + Project owner username. + type: string + prCommentsEnabled: + description: |- + (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + Enable Pages to comment on Pull Requests. Defaults to `true`. + type: boolean + previewBranchExcludes: + description: |- + (List of String) Branches will be excluded from automatic deployment. + Branches will be excluded from automatic deployment. + items: + type: string + type: array + previewBranchIncludes: + description: |- + (List of String) Branches will be included for automatic deployment. + Branches will be included for automatic deployment. + items: + type: string + type: array + previewDeploymentSetting: + description: |- + (String) Preview Deployment Setting. Defaults to all. + Preview Deployment Setting. Defaults to `all`. + type: string + productionBranch: + description: |- + (String) The name of the branch that is used for the production environment. + Project production branch name. + type: string + productionDeploymentEnabled: + description: |- + (Boolean) Enable production deployments. Defaults to true. + Enable production deployments. Defaults to `true`. + type: boolean + repoName: + description: |- + (String) Project repository name. + Project repository name. + type: string + type: object + type: array + type: + description: |- + (String) Project host type. + Project host type. + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -363,21 +771,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -387,17 +795,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -407,21 +817,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -436,21 +846,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -461,14 +872,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -483,23 +895,285 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.productionBranch is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.productionBranch) + || (has(self.initProvider) && has(self.initProvider.productionBranch))' status: description: ProjectStatus defines the observed state of Project. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + buildConfig: + description: |- + (Block List, Max: 1) Configuration for the project build process. (see below for nested schema) + Configuration for the project build process. + items: + properties: + buildCommand: + description: |- + (String) Command used to build project. + Command used to build project. + type: string + destinationDir: + description: |- + (String) Output directory of the build. + Output directory of the build. + type: string + rootDir: + description: |- + (String) Directory to run the command. + Directory to run the command. + type: string + webAnalyticsTag: + description: |- + (String) The classifying tag for analytics. + The classifying tag for analytics. + type: string + webAnalyticsToken: + description: |- + (String) The auth token for analytics. + The auth token for analytics. + type: string + type: object + type: array createdOn: - description: When the project was created. + description: |- + (String) When the project was created. + When the project was created. type: string + deploymentConfigs: + description: |- + (Block List, Max: 1) Configuration for deployments in a project. (see below for nested schema) + Configuration for deployments in a project. + items: + properties: + preview: + description: |- + (Block List, Max: 1) Configuration for preview deploys. (see below for nested schema) + Configuration for preview deploys. + items: + properties: + compatibilityDate: + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. + type: string + compatibilityFlags: + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. + items: + type: string + type: array + d1Databases: + additionalProperties: + type: string + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. + type: object + x-kubernetes-map-type: granular + durableObjectNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + environmentVariables: + additionalProperties: + type: string + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. + type: object + x-kubernetes-map-type: granular + kvNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + r2Buckets: + additionalProperties: + type: string + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. + type: object + x-kubernetes-map-type: granular + type: object + type: array + production: + description: |- + (Block List, Max: 1) Configuration for production deploys. (see below for nested schema) + Configuration for production deploys. + items: + properties: + compatibilityDate: + description: |- + (String) Compatibility date used for Pages Functions. + Compatibility date used for Pages Functions. + type: string + compatibilityFlags: + description: |- + (List of String) Compatibility flags used for Pages Functions. + Compatibility flags used for Pages Functions. + items: + type: string + type: array + d1Databases: + additionalProperties: + type: string + description: |- + (Map of String) D1 Databases used for Pages Functions. + D1 Databases used for Pages Functions. + type: object + x-kubernetes-map-type: granular + durableObjectNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) Durable Object namespaces used for Pages Functions. + Durable Object namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + environmentVariables: + additionalProperties: + type: string + description: |- + (Map of String) Environment variables for Pages Functions. + Environment variables for Pages Functions. + type: object + x-kubernetes-map-type: granular + kvNamespaces: + additionalProperties: + type: string + description: |- + (Map of String) KV namespaces used for Pages Functions. + KV namespaces used for Pages Functions. + type: object + x-kubernetes-map-type: granular + r2Buckets: + additionalProperties: + type: string + description: |- + (Map of String) R2 Buckets used for Pages Functions. + R2 Buckets used for Pages Functions. + type: object + x-kubernetes-map-type: granular + type: object + type: array + type: object + type: array domains: - description: A list of associated custom domains for the project. + description: |- + (List of String) A list of associated custom domains for the project. + A list of associated custom domains for the project. items: type: string type: array id: + description: (String) The ID of this resource. + type: string + name: + description: |- + (String) Name of the project. + Name of the project. + type: string + productionBranch: + description: |- + (String) The name of the branch that is used for the production environment. + The name of the branch that is used for the production environment. type: string + source: + description: |- + (Block List, Max: 1) Configuration for the project source. (see below for nested schema) + Configuration for the project source. + items: + properties: + config: + description: |- + (Block List, Max: 1) Configuration for the source of the Cloudflare Pages project. (see below for nested schema) + Configuration for the source of the Cloudflare Pages project. + items: + properties: + deploymentsEnabled: + description: |- + (Boolean) Toggle deployments on this repo. Defaults to true. + Toggle deployments on this repo. Defaults to `true`. + type: boolean + owner: + description: |- + (String) Project owner username. + Project owner username. + type: string + prCommentsEnabled: + description: |- + (Boolean) Enable Pages to comment on Pull Requests. Defaults to true. + Enable Pages to comment on Pull Requests. Defaults to `true`. + type: boolean + previewBranchExcludes: + description: |- + (List of String) Branches will be excluded from automatic deployment. + Branches will be excluded from automatic deployment. + items: + type: string + type: array + previewBranchIncludes: + description: |- + (List of String) Branches will be included for automatic deployment. + Branches will be included for automatic deployment. + items: + type: string + type: array + previewDeploymentSetting: + description: |- + (String) Preview Deployment Setting. Defaults to all. + Preview Deployment Setting. Defaults to `all`. + type: string + productionBranch: + description: |- + (String) The name of the branch that is used for the production environment. + Project production branch name. + type: string + productionDeploymentEnabled: + description: |- + (Boolean) Enable production deployments. Defaults to true. + Enable production deployments. Defaults to `true`. + type: boolean + repoName: + description: |- + (String) Project repository name. + Project repository name. + type: string + type: object + type: array + type: + description: |- + (String) Project host type. + Project host type. + type: string + type: object + type: array subdomain: - description: The Cloudflare subdomain associated with the project. + description: |- + (String) The Cloudflare subdomain associated with the project. + The Cloudflare subdomain associated with the project. type: string type: object conditions: @@ -508,13 +1182,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -525,8 +1201,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -535,6 +1212,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -543,9 +1223,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/ruleset.cloudflare.upbound.io_rulesets.yaml b/package/crds/ruleset.cloudflare.upbound.io_rulesets.yaml index c8a2294..d54ccce 100644 --- a/package/crds/ruleset.cloudflare.upbound.io_rulesets.yaml +++ b/package/crds/ruleset.cloudflare.upbound.io_rulesets.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rulesets.ruleset.cloudflare.upbound.io spec: group: ruleset.cloudflare.upbound.io @@ -35,17 +34,27 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Ruleset is the Schema for the Rulesets API. + description: Ruleset is the Schema for the Rulesets API. The Cloudflare Ruleset + Engine https://developers.cloudflare.com/firewall/cf-rulesets allows you + to create and deploy rules and rulesets. The engine syntax, inspired by + the Wireshark Display Filter language, is the same syntax used in custom + Firewall Rules. Cloudflare uses the Ruleset Engine in different products, + allowing you to configure several products using the same basic syntax. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +63,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,8 +78,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. - Conflicts with `zone_id`. + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +93,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +120,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +135,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,771 +157,849 @@ spec: type: object type: object description: - description: Brief summary of the ruleset and its intended use. + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset and its intended use. type: string kind: - description: 'Type of Ruleset to create. Available values: `custom`, - `managed`, `root`, `schema`, `zone`.' + description: |- + (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. + Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. type: string name: - description: Name of the ruleset. **Modifying this attribute will - force creation of a new resource.** + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the ruleset. **Modifying this attribute will force creation of a new resource.** type: string phase: - description: 'Point in the request/response lifecycle where the - ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, - `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, - `http_request_firewall_custom`, `http_request_firewall_managed`, - `http_request_late_transform`, `http_request_late_transform_managed`, - `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, - `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, - `http_response_firewall_managed`, `http_response_headers_transform`, - `http_response_headers_transform_managed`, `magic_transit`, - `http_ratelimit`, `http_request_sbfm`, `http_config_settings`.' + description: |- + (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. type: string rules: - description: List of rules to apply to the ruleset. + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. items: properties: action: - description: 'Action to perform in the ruleset rule. Available - values: `block`, `challenge`, `ddos_dynamic`, `execute`, - `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, - `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, - `set_cache_settings`, `set_config`, `serve_error`, `skip`.' + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. type: string actionParameters: - description: List of parameters that configure the behavior - of the ruleset rule action. + description: |- + (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) + List of parameters that configure the behavior of the ruleset rule action. items: properties: automaticHttpsRewrites: - description: Turn on or off Cloudflare Automatic HTTPS - rewrites. + description: |- + (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + Turn on or off Cloudflare Automatic HTTPS rewrites. type: boolean autominify: - description: Indicate which file extensions to minify - automatically. + description: |- + (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + Indicate which file extensions to minify automatically. items: properties: css: - description: SSL minification. + description: |- + (Boolean) SSL minification. + SSL minification. type: boolean html: - description: HTML minification. + description: |- + (Boolean) HTML minification. + HTML minification. type: boolean js: - description: JS minification. + description: |- + (Boolean) JS minification. + JS minification. type: boolean type: object type: array bic: - description: Inspect the visitor's browser for headers - commonly associated with spammers and certain bots. + description: |- + (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + Inspect the visitor's browser for headers commonly associated with spammers and certain bots. type: boolean browserTtl: - description: List of browser TTL parameters to apply - to the request. + description: |- + (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) + List of browser TTL parameters to apply to the request. items: properties: default: - description: Default browser TTL. + description: |- + (Number) Default browser TTL. + Default browser TTL. type: number mode: - description: Mode of the browser TTL. + description: |- + (String) Mode of the browser TTL. + Mode of the browser TTL. type: string - required: - - mode type: object type: array cache: - description: Whether to cache if expression matches. + description: |- + (Boolean) Whether to cache if expression matches. + Whether to cache if expression matches. type: boolean cacheKey: - description: List of cache key parameters to apply - to the request. + description: |- + (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) + List of cache key parameters to apply to the request. items: properties: cacheByDeviceType: - description: Cache by device type. Conflicts - with "custom_key.user.device_type". + description: |- + (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + Cache by device type. Conflicts with "custom_key.user.device_type". type: boolean cacheDeceptionArmor: - description: Cache deception armor. + description: |- + (Boolean) Cache deception armor. + Cache deception armor. type: boolean customKey: - description: Custom key parameters for the request. + description: |- + (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) + Custom key parameters for the request. items: properties: cookie: - description: Cookie parameters for the - custom key. + description: |- + (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) + Cookie parameters for the custom key. items: properties: checkPresence: - description: List of cookies to - check for presence in the custom - key. + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of cookies to check for presence in the custom key. items: type: string type: array include: - description: List of cookies to - include in the custom key. + description: |- + (List of String) List of cookies to include in the custom key. + List of cookies to include in the custom key. items: type: string type: array type: object type: array header: - description: Header parameters for the - custom key. + description: |- + (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) + Header parameters for the custom key. items: properties: checkPresence: - description: List of headers to - check for presence in the custom - key. + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of headers to check for presence in the custom key. items: type: string type: array excludeOrigin: - description: Exclude the origin - header from the custom key. + description: |- + (Boolean) Exclude the origin header from the custom key. + Exclude the origin header from the custom key. type: boolean include: - description: List of headers to - include in the custom key. + description: |- + (List of String) List of cookies to include in the custom key. + List of headers to include in the custom key. items: type: string type: array type: object type: array host: - description: Host parameters for the custom - key. + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Host parameters for the custom key. items: properties: resolved: - description: Resolve hostname to - IP address. + description: |- + (Boolean) Resolve hostname to IP address. + Resolve hostname to IP address. type: boolean type: object type: array queryString: - description: Query string parameters for - the custom key. + description: |- + (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) + Query string parameters for the custom key. items: properties: exclude: - description: List of query string - parameters to exclude from the - custom key. Conflicts with "include". + description: |- + (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + List of query string parameters to exclude from the custom key. Conflicts with "include". items: type: string type: array include: - description: List of query string - parameters to include in the custom - key. Conflicts with "exclude". + description: |- + (List of String) List of cookies to include in the custom key. + List of query string parameters to include in the custom key. Conflicts with "exclude". items: type: string type: array type: object type: array user: - description: User parameters for the custom - key. + description: |- + (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) + User parameters for the custom key. items: properties: deviceType: - description: Add device type to - the custom key. Conflicts with - "cache_key.cache_by_device_type". + description: |- + (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". type: boolean geo: - description: Add geo data to the - custom key. + description: |- + (Boolean) Add geo data to the custom key. + Add geo data to the custom key. type: boolean lang: - description: Add language data to - the custom key. + description: |- + (Boolean) Add language data to the custom key. + Add language data to the custom key. type: boolean type: object type: array type: object type: array ignoreQueryStringsOrder: - description: Ignore query strings order. + description: |- + (Boolean) Ignore query strings order. + Ignore query strings order. type: boolean type: object type: array content: - description: Content of the custom error response. + description: |- + (String) Content of the custom error response. + Content of the custom error response. type: string contentType: - description: Content-Type of the custom error response. + description: |- + Type of the custom error response. + Content-Type of the custom error response. type: string cookieFields: - description: List of cookie values to include as part - of custom fields logging. + description: |- + (Set of String) List of cookie values to include as part of custom fields logging. + List of cookie values to include as part of custom fields logging. items: type: string type: array + x-kubernetes-list-type: set disableApps: - description: Turn off all active Cloudflare Apps. + description: |- + (Boolean) Turn off all active Cloudflare Apps. + Turn off all active Cloudflare Apps. type: boolean disableRailgun: - description: Turn off railgun feature of the Cloudflare - Speed app. + description: |- + (Boolean) Turn off railgun feature of the Cloudflare Speed app. + Turn off railgun feature of the Cloudflare Speed app. type: boolean disableZaraz: - description: Turn off zaraz feature. + description: |- + (Boolean) Turn off zaraz feature. + Turn off zaraz feature. type: boolean edgeTtl: - description: List of edge TTL parameters to apply - to the request. + description: |- + (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) + List of edge TTL parameters to apply to the request. items: properties: default: - description: Default edge TTL. + description: |- + (Number) Default browser TTL. + Default edge TTL. type: number mode: - description: Mode of the edge TTL. + description: |- + (String) Mode of the browser TTL. + Mode of the edge TTL. type: string statusCodeTtl: - description: Edge TTL for the status codes. + description: |- + (Block List) Edge TTL for the status codes. (see below for nested schema) + Edge TTL for the status codes. items: properties: statusCode: - description: Status code for which the - edge TTL is applied. Conflicts with - "status_code_range". + description: |- + (Number) HTTP status code of the custom error response. + Status code for which the edge TTL is applied. Conflicts with "status_code_range". type: number statusCodeRange: - description: Status code range for which - the edge TTL is applied. Conflicts with - "status_code". + description: |- + (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + Status code range for which the edge TTL is applied. Conflicts with "status_code". items: properties: from: - description: From status code. + description: |- + (Number) From status code. + From status code. type: number to: - description: To status code. + description: |- + (Number) To status code. + To status code. type: number type: object type: array value: - description: Status code edge TTL value. + description: |- + (Number) Status code edge TTL value. + Status code edge TTL value. type: number - required: - - value type: object type: array - required: - - mode type: object type: array emailObfuscation: - description: Turn on or off the Cloudflare Email Obfuscation - feature of the Cloudflare Scrape Shield app. + description: |- + (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. type: boolean fromList: - description: Use a list to lookup information for - the action. + description: |- + (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) + Use a list to lookup information for the action. items: properties: key: - description: Expression to use for the list - lookup. + description: |- + (String) Expression to use for the list lookup. + Expression to use for the list lookup. type: string name: - description: Name of the list. + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the list. type: string - required: - - key - - name type: object type: array fromValue: - description: Use a value to lookup information for - the action. + description: |- + (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) + Use a value to lookup information for the action. items: properties: preserveQueryString: - description: Preserve query string for redirect - URL. + description: |- + (Boolean) Preserve query string for redirect URL. + Preserve query string for redirect URL. type: boolean statusCode: - description: Status code for redirect. + description: |- + (Number) HTTP status code of the custom error response. + Status code for redirect. type: number targetUrl: - description: Target URL for redirect. + description: |- + (Block List, Max: 1) Target URL for redirect. (see below for nested schema) + Target URL for redirect. items: properties: expression: - description: Use a value dynamically determined - by the Firewall Rules expression language - based on Wireshark display filters. - Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, - operators, and functions. Conflicts - with `"value"`. + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. type: string value: - description: Static value to provide as - the HTTP request header value. Conflicts - with `"expression"`. + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. type: string type: object type: array type: object type: array headers: - description: List of HTTP header modifications to - perform in the ruleset rule. + description: |- + (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + List of HTTP header modifications to perform in the ruleset rule. items: properties: expression: - description: Use a value dynamically determined - by the Firewall Rules expression language - based on Wireshark display filters. Refer - to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, operators, - and functions. Conflicts with `"value"`. + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. type: string name: - description: Name of the HTTP request header - to target. + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the HTTP request header to target. type: string operation: - description: 'Action to perform on the HTTP - request header. Available values: `remove`, - `set`.' + description: |- + (String) Action to perform on the HTTP request header. Available values: remove, set. + Action to perform on the HTTP request header. Available values: `remove`, `set`. type: string value: - description: Static value to provide as the - HTTP request header value. Conflicts with - `"expression"`. + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. type: string type: object type: array hostHeader: - description: Host Header that request origin receives. + description: |- + (String) Host Header that request origin receives. + Host Header that request origin receives. type: string hotlinkProtection: - description: Turn on or off the hotlink protection - feature. + description: |- + (Boolean) Turn on or off the hotlink protection feature. + Turn on or off the hotlink protection feature. type: boolean id: - description: Identifier of the action parameter to - modify. + description: |- + (String) The ID of this resource. + Identifier of the action parameter to modify. type: string increment: + description: (Number) type: number matchedData: - description: List of properties to configure WAF payload - logging. + description: |- + (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) + List of properties to configure WAF payload logging. items: properties: publicKey: - description: Public key to use within WAF Ruleset - payload logging to view the HTTP request parameters. - You can generate a public key [using the `matched-data-cli` - command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) - or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). + description: |- + (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). type: string type: object type: array mirage: - description: Turn on or off Cloudflare Mirage of the - Cloudflare Speed app. + description: |- + (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + Turn on or off Cloudflare Mirage of the Cloudflare Speed app. type: boolean opportunisticEncryption: - description: Turn on or off the Cloudflare Opportunistic - Encryption feature of the Edge Certificates tab - in the Cloudflare SSL/TLS app. + description: |- + (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. type: boolean origin: - description: List of properties to change request - origin. + description: |- + (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + List of properties to change request origin. items: properties: host: - description: Origin Hostname where request is - sent. + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Origin Hostname where request is sent. type: string port: - description: Origin Port where request is sent. + description: |- + (Number) Origin Port where request is sent. + Origin Port where request is sent. type: number type: object type: array originErrorPagePassthru: - description: Pass-through error page for origin. + description: |- + through error page for origin. + Pass-through error page for origin. type: boolean overrides: - description: List of override configurations to apply - to the ruleset. + description: |- + (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) + List of override configurations to apply to the ruleset. items: properties: action: - description: 'Action to perform in the rule-level - override. Available values: `block`, `challenge`, - `ddos_dynamic`, `execute`, `force_connection_close`, - `js_challenge`, `log`, `log_custom_field`, - `managed_challenge`, `redirect`, `rewrite`, - `route`, `score`, `set_cache_settings`, `set_config`, - `serve_error`, `skip`.' + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. type: string categories: - description: List of tag-based overrides. + description: |- + based overrides. (see below for nested schema) + List of tag-based overrides. items: properties: action: - description: 'Action to perform in the - tag-level override. Available values: - `block`, `challenge`, `ddos_dynamic`, - `execute`, `force_connection_close`, - `js_challenge`, `log`, `log_custom_field`, - `managed_challenge`, `redirect`, `rewrite`, - `route`, `score`, `set_cache_settings`, - `set_config`, `serve_error`, `skip`.' + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. type: string category: - description: Tag name to apply the ruleset - rule override to. + description: |- + (String) Tag name to apply the ruleset rule override to. + Tag name to apply the ruleset rule override to. type: string status: - description: 'Defines if the current tag-level - override enables or disables the ruleset - rules with the specified tag. Available - values: `enabled`, `disabled`. Defaults - to `""`.' + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. type: string type: object type: array rules: - description: List of rule-based overrides. + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rule-based overrides. items: properties: action: - description: 'Action to perform in the - rule-level override. Available values: - `block`, `challenge`, `ddos_dynamic`, - `execute`, `force_connection_close`, - `js_challenge`, `log`, `log_custom_field`, - `managed_challenge`, `redirect`, `rewrite`, - `route`, `score`, `set_cache_settings`, - `set_config`, `serve_error`, `skip`.' + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. type: string id: - description: Rule ID to apply the override - to. + description: |- + (String) The ID of this resource. + Rule ID to apply the override to. type: string scoreThreshold: - description: Anomaly score threshold to - apply in the ruleset rule override. - Only applicable to modsecurity-based - rulesets. + description: |- + based rulesets. + Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. type: number sensitivityLevel: - description: Sensitivity level for a ruleset - rule override. + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level for a ruleset rule override. type: string status: - description: 'Defines if the current rule-level - override enables or disables the rule. - Available values: `enabled`, `disabled`. - Defaults to `""`.' + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. type: string type: object type: array sensitivityLevel: - description: 'Sensitivity level to override - for all ruleset rules. Available values: `default`, - `medium`, `low`, `eoff`.' + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. type: string status: - description: 'Defines if the current ruleset-level - override enables or disables the ruleset. - Available values: `enabled`, `disabled`. Defaults - to `""`.' + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. type: string type: object type: array phases: - description: 'Point in the request/response lifecycle - where the ruleset will be created. Available values: - `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, - `http_request_cache_settings`, `http_request_firewall_custom`, - `http_request_firewall_managed`, `http_request_late_transform`, - `http_request_late_transform_managed`, `http_request_main`, - `http_request_origin`, `http_request_dynamic_redirect`, - `http_request_redirect`, `http_request_sanitize`, - `http_request_transform`, `http_response_firewall_managed`, - `http_response_headers_transform`, `http_response_headers_transform_managed`, - `magic_transit`, `http_ratelimit`, `http_request_sbfm`, - `http_config_settings`.' + description: |- + (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. items: type: string type: array + x-kubernetes-list-type: set polish: - description: Apply options from the Polish feature - of the Cloudflare Speed app. + description: |- + (String) Apply options from the Polish feature of the Cloudflare Speed app. + Apply options from the Polish feature of the Cloudflare Speed app. type: string products: - description: 'Products to target with the actions. - Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, - `uablock`, `waf`, `zonelockdown`.' + description: |- + (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. + Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. items: type: string type: array + x-kubernetes-list-type: set requestFields: - description: List of request headers to include as - part of custom fields logging, in lowercase. + description: |- + (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + List of request headers to include as part of custom fields logging, in lowercase. items: type: string type: array + x-kubernetes-list-type: set respectStrongEtags: - description: Respect strong ETags. + description: |- + (Boolean) Respect strong ETags. + Respect strong ETags. type: boolean response: - description: List of parameters that configure the - response given to end users. + description: |- + (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + List of parameters that configure the response given to end users. items: properties: content: - description: Body content to include in the - response. + description: |- + (String) Content of the custom error response. + Body content to include in the response. type: string contentType: - description: HTTP content type to send in the - response. + description: |- + Type of the custom error response. + HTTP content type to send in the response. type: string statusCode: - description: HTTP status code to send in the - response. + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code to send in the response. type: number type: object type: array responseFields: - description: List of response headers to include as - part of custom fields logging, in lowercase. + description: |- + (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + List of response headers to include as part of custom fields logging, in lowercase. items: type: string type: array + x-kubernetes-list-type: set rocketLoader: - description: Turn on or off Cloudflare Rocket Loader - in the Cloudflare Speed app. + description: |- + (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. type: boolean rules: additionalProperties: type: string - description: 'Map of managed WAF rule ID to comma-delimited - string of ruleset rule IDs. Example: `rules = { - "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" - }`.' + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. type: object + x-kubernetes-map-type: granular ruleset: - description: Which ruleset ID to target. + description: |- + (String) Which ruleset ID to target. + Which ruleset ID to target. type: string rulesets: - description: List of managed WAF rule IDs to target. - Only valid when the `"action"` is set to skip. + description: |- + (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. items: type: string type: array + x-kubernetes-list-type: set securityLevel: - description: Control options for the Security Level - feature from the Security app. + description: |- + (String) Control options for the Security Level feature from the Security app. + Control options for the Security Level feature from the Security app. type: string serveStale: - description: List of serve stale parameters to apply - to the request. + description: |- + (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) + List of serve stale parameters to apply to the request. items: properties: disableStaleWhileUpdating: - description: Disable stale while updating. + description: |- + (Boolean) Disable stale while updating. + Disable stale while updating. type: boolean type: object type: array serverSideExcludes: - description: Turn on or off the Server Side Excludes - feature of the Cloudflare Scrape Shield app. + description: |- + (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. type: boolean sni: - description: List of properties to manange Server - Name Indication. + description: |- + (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) + List of properties to manange Server Name Indication. items: properties: value: - description: Value to define for SNI. + description: |- + (Number) Status code edge TTL value. + Value to define for SNI. type: string type: object type: array ssl: - description: Control options for the SSL feature of - the Edge Certificates tab in the Cloudflare SSL/TLS - app. + description: |- + (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. type: string statusCode: - description: HTTP status code of the custom error - response. + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code of the custom error response. type: number sxg: - description: Turn on or off the SXG feature. + description: |- + (Boolean) Turn on or off the SXG feature. + Turn on or off the SXG feature. type: boolean uri: - description: List of URI properties to configure for - the ruleset rule when performing URL rewrite transformations. + description: |- + (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) + List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. items: properties: origin: + description: '(Block List, Max: 1) List of properties + to change request origin. (see below for nested + schema)' type: boolean path: - description: URI path configuration when performing - a URL rewrite. + description: |- + (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) + URI path configuration when performing a URL rewrite. items: properties: expression: - description: Expression that defines the - updated (dynamic) value of the URI path - or query string component. Uses the - Firewall Rules expression language based - on Wireshark display filters. Refer - to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, - operators, and functions. + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. type: string value: - description: Static string value of the - updated URI path or query string component. + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. type: string type: object type: array query: - description: Query string configuration when - performing a URL rewrite. + description: |- + (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) + Query string configuration when performing a URL rewrite. items: properties: expression: - description: Expression that defines the - updated (dynamic) value of the URI path - or query string component. Uses the - Firewall Rules expression language based - on Wireshark display filters. Refer - to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, - operators, and functions. + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. type: string value: - description: Static string value of the - updated URI path or query string component. + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. type: string type: object type: array type: object type: array version: - description: Version of the ruleset to deploy. + description: |- + (String) Version of the ruleset to deploy. + Version of the ruleset to deploy. type: string type: object type: array description: - description: Brief summary of the ruleset rule and its intended - use. + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset rule and its intended use. type: string enabled: - description: Whether the rule is active. + description: |- + (Boolean) Whether the rule is active. + Whether the rule is active. type: boolean exposedCredentialCheck: - description: List of parameters that configure exposed credential - checks. + description: |- + (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) + List of parameters that configure exposed credential checks. items: properties: passwordExpression: - description: Firewall Rules expression language based - on Wireshark display filters for where to check - for the "password" value. Refer to the [Firewall - Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). type: string usernameExpression: - description: Firewall Rules expression language based - on Wireshark display filters for where to check - for the "username" value. Refer to the [Firewall - Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). type: string type: object type: array expression: - description: Criteria for an HTTP request to trigger the - ruleset rule action. Uses the Firewall Rules expression - language based on Wireshark display filters. Refer to - the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, operators, and - functions. + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. type: string logging: - description: List parameters to configure how the rule generates - logs. + description: |- + (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) + List parameters to configure how the rule generates logs. items: properties: status: - description: 'Override the default logging behavior - when a rule is matched. Available values: `enabled`, - `disabled`. Defaults to `""`.' + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. type: string type: object type: array ratelimit: - description: List of parameters that configure HTTP rate - limiting behaviour. + description: |- + (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) + List of parameters that configure HTTP rate limiting behaviour. items: properties: characteristics: - description: List of parameters that define how Cloudflare - tracks the request rate for this rule. + description: |- + (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + List of parameters that define how Cloudflare tracks the request rate for this rule. items: type: string type: array + x-kubernetes-list-type: set countingExpression: - description: Criteria for counting HTTP requests to - trigger the Rate Limiting action. Uses the Firewall - Rules expression language based on Wireshark display - filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) - documentation for all available fields, operators, - and functions. + description: |- + (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. type: string mitigationTimeout: - description: Once the request rate is reached, the - Rate Limiting rule blocks further requests for the - period of time defined in this field. + description: |- + (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. type: number period: - description: The period of time to consider (in seconds) - when evaluating the request rate. + description: |- + (Number) The period of time to consider (in seconds) when evaluating the request rate. + The period of time to consider (in seconds) when evaluating the request rate. type: number requestsPerPeriod: - description: The number of requests over the period - of time that will trigger the Rate Limiting rule. + description: |- + (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + The number of requests over the period of time that will trigger the Rate Limiting rule. type: number requestsToOrigin: - description: Whether to include requests to origin - within the Rate Limiting count. + description: |- + (Boolean) Whether to include requests to origin within the Rate Limiting count. + Whether to include requests to origin within the Rate Limiting count. type: boolean type: object type: array - required: - - expression type: object type: array shareableEntitlementName: - description: Name of entitlement that is shareable between entities. + description: |- + (String) Name of entitlement that is shareable between entities. + Name of entitlement that is shareable between entities. type: string zoneId: - description: The zone identifier to target for the resource. Conflicts - with `account_id`. + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -918,21 +1012,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -945,8 +1039,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -959,118 +1054,48 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - kind - - name - - phase - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: name: description: Name of the referenced object. @@ -1080,21 +1105,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -1103,131 +1128,2039 @@ spec: required: - name type: object - metadata: - description: Metadata is the metadata for connection secret. + accountIdSelector: + description: Selector for a Account in account to populate accountId. properties: - annotations: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: MatchLabels ensures an object with matching labels + is selected. type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string type: object - name: - description: Name is the name of the connection secret. + description: + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset and its intended use. type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. + kind: + description: |- + (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. + Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. type: string - namespace: - description: Namespace of the secret. + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the ruleset. **Modifying this attribute will force creation of a new resource.** type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: RulesetStatus defines the observed state of Ruleset. - properties: - atProvider: - properties: - id: + phase: + description: |- + (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. type: string rules: - description: List of rules to apply to the ruleset. + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. items: properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string actionParameters: - description: List of parameters that configure the behavior - of the ruleset rule action. + description: |- + (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) + List of parameters that configure the behavior of the ruleset rule action. items: properties: - overrides: - description: List of override configurations to apply - to the ruleset. + automaticHttpsRewrites: + description: |- + (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + Turn on or off Cloudflare Automatic HTTPS rewrites. + type: boolean + autominify: + description: |- + (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + Indicate which file extensions to minify automatically. items: properties: - categories: - description: List of tag-based overrides. + css: + description: |- + (Boolean) SSL minification. + SSL minification. + type: boolean + html: + description: |- + (Boolean) HTML minification. + HTML minification. + type: boolean + js: + description: |- + (Boolean) JS minification. + JS minification. + type: boolean + type: object + type: array + bic: + description: |- + (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + type: boolean + browserTtl: + description: |- + (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) + List of browser TTL parameters to apply to the request. + items: + properties: + default: + description: |- + (Number) Default browser TTL. + Default browser TTL. + type: number + mode: + description: |- + (String) Mode of the browser TTL. + Mode of the browser TTL. + type: string + type: object + type: array + cache: + description: |- + (Boolean) Whether to cache if expression matches. + Whether to cache if expression matches. + type: boolean + cacheKey: + description: |- + (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) + List of cache key parameters to apply to the request. + items: + properties: + cacheByDeviceType: + description: |- + (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + Cache by device type. Conflicts with "custom_key.user.device_type". + type: boolean + cacheDeceptionArmor: + description: |- + (Boolean) Cache deception armor. + Cache deception armor. + type: boolean + customKey: + description: |- + (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) + Custom key parameters for the request. items: properties: - enabled: - description: Defines if the current tag-level - override enables or disables the ruleset - rules with the specified tag. - type: boolean + cookie: + description: |- + (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) + Cookie parameters for the custom key. + items: + properties: + checkPresence: + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of cookies to check for presence in the custom key. + items: + type: string + type: array + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of cookies to include in the custom key. + items: + type: string + type: array + type: object + type: array + header: + description: |- + (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) + Header parameters for the custom key. + items: + properties: + checkPresence: + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of headers to check for presence in the custom key. + items: + type: string + type: array + excludeOrigin: + description: |- + (Boolean) Exclude the origin header from the custom key. + Exclude the origin header from the custom key. + type: boolean + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of headers to include in the custom key. + items: + type: string + type: array + type: object + type: array + host: + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Host parameters for the custom key. + items: + properties: + resolved: + description: |- + (Boolean) Resolve hostname to IP address. + Resolve hostname to IP address. + type: boolean + type: object + type: array + queryString: + description: |- + (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) + Query string parameters for the custom key. + items: + properties: + exclude: + description: |- + (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + List of query string parameters to exclude from the custom key. Conflicts with "include". + items: + type: string + type: array + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of query string parameters to include in the custom key. Conflicts with "exclude". + items: + type: string + type: array + type: object + type: array + user: + description: |- + (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) + User parameters for the custom key. + items: + properties: + deviceType: + description: |- + (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + type: boolean + geo: + description: |- + (Boolean) Add geo data to the custom key. + Add geo data to the custom key. + type: boolean + lang: + description: |- + (Boolean) Add language data to the custom key. + Add language data to the custom key. + type: boolean + type: object + type: array type: object type: array - enabled: - description: Defines if the current ruleset-level - override enables or disables the ruleset. + ignoreQueryStringsOrder: + description: |- + (Boolean) Ignore query strings order. + Ignore query strings order. type: boolean - rules: - description: List of rule-based overrides. + type: object + type: array + content: + description: |- + (String) Content of the custom error response. + Content of the custom error response. + type: string + contentType: + description: |- + Type of the custom error response. + Content-Type of the custom error response. + type: string + cookieFields: + description: |- + (Set of String) List of cookie values to include as part of custom fields logging. + List of cookie values to include as part of custom fields logging. + items: + type: string + type: array + x-kubernetes-list-type: set + disableApps: + description: |- + (Boolean) Turn off all active Cloudflare Apps. + Turn off all active Cloudflare Apps. + type: boolean + disableRailgun: + description: |- + (Boolean) Turn off railgun feature of the Cloudflare Speed app. + Turn off railgun feature of the Cloudflare Speed app. + type: boolean + disableZaraz: + description: |- + (Boolean) Turn off zaraz feature. + Turn off zaraz feature. + type: boolean + edgeTtl: + description: |- + (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) + List of edge TTL parameters to apply to the request. + items: + properties: + default: + description: |- + (Number) Default browser TTL. + Default edge TTL. + type: number + mode: + description: |- + (String) Mode of the browser TTL. + Mode of the edge TTL. + type: string + statusCodeTtl: + description: |- + (Block List) Edge TTL for the status codes. (see below for nested schema) + Edge TTL for the status codes. items: properties: - enabled: - description: Defines if the current rule-level - override enables or disables the rule. - type: boolean + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + Status code for which the edge TTL is applied. Conflicts with "status_code_range". + type: number + statusCodeRange: + description: |- + (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + Status code range for which the edge TTL is applied. Conflicts with "status_code". + items: + properties: + from: + description: |- + (Number) From status code. + From status code. + type: number + to: + description: |- + (Number) To status code. + To status code. + type: number + type: object + type: array + value: + description: |- + (Number) Status code edge TTL value. + Status code edge TTL value. + type: number type: object type: array type: object type: array - type: object - type: array - id: - description: Unique rule identifier. - type: string + emailObfuscation: + description: |- + (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + type: boolean + fromList: + description: |- + (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) + Use a list to lookup information for the action. + items: + properties: + key: + description: |- + (String) Expression to use for the list lookup. + Expression to use for the list lookup. + type: string + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the list. + type: string + type: object + type: array + fromValue: + description: |- + (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) + Use a value to lookup information for the action. + items: + properties: + preserveQueryString: + description: |- + (Boolean) Preserve query string for redirect URL. + Preserve query string for redirect URL. + type: boolean + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + Status code for redirect. + type: number + targetUrl: + description: |- + (Block List, Max: 1) Target URL for redirect. (see below for nested schema) + Target URL for redirect. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + type: string + type: object + type: array + type: object + type: array + headers: + description: |- + (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + List of HTTP header modifications to perform in the ruleset rule. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + type: string + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the HTTP request header to target. + type: string + operation: + description: |- + (String) Action to perform on the HTTP request header. Available values: remove, set. + Action to perform on the HTTP request header. Available values: `remove`, `set`. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + type: string + type: object + type: array + hostHeader: + description: |- + (String) Host Header that request origin receives. + Host Header that request origin receives. + type: string + hotlinkProtection: + description: |- + (Boolean) Turn on or off the hotlink protection feature. + Turn on or off the hotlink protection feature. + type: boolean + id: + description: |- + (String) The ID of this resource. + Identifier of the action parameter to modify. + type: string + increment: + description: (Number) + type: number + matchedData: + description: |- + (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) + List of properties to configure WAF payload logging. + items: + properties: + publicKey: + description: |- + (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). + type: string + type: object + type: array + mirage: + description: |- + (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + type: boolean + opportunisticEncryption: + description: |- + (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + type: boolean + origin: + description: |- + (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + List of properties to change request origin. + items: + properties: + host: + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Origin Hostname where request is sent. + type: string + port: + description: |- + (Number) Origin Port where request is sent. + Origin Port where request is sent. + type: number + type: object + type: array + originErrorPagePassthru: + description: |- + through error page for origin. + Pass-through error page for origin. + type: boolean + overrides: + description: |- + (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) + List of override configurations to apply to the ruleset. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + categories: + description: |- + based overrides. (see below for nested schema) + List of tag-based overrides. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + category: + description: |- + (String) Tag name to apply the ruleset rule override to. + Tag name to apply the ruleset rule override to. + type: string + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + rules: + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rule-based overrides. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + id: + description: |- + (String) The ID of this resource. + Rule ID to apply the override to. + type: string + scoreThreshold: + description: |- + based rulesets. + Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. + type: number + sensitivityLevel: + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level for a ruleset rule override. + type: string + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + sensitivityLevel: + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. + type: string + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + phases: + description: |- + (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + items: + type: string + type: array + x-kubernetes-list-type: set + polish: + description: |- + (String) Apply options from the Polish feature of the Cloudflare Speed app. + Apply options from the Polish feature of the Cloudflare Speed app. + type: string + products: + description: |- + (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. + Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. + items: + type: string + type: array + x-kubernetes-list-type: set + requestFields: + description: |- + (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + List of request headers to include as part of custom fields logging, in lowercase. + items: + type: string + type: array + x-kubernetes-list-type: set + respectStrongEtags: + description: |- + (Boolean) Respect strong ETags. + Respect strong ETags. + type: boolean + response: + description: |- + (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + List of parameters that configure the response given to end users. + items: + properties: + content: + description: |- + (String) Content of the custom error response. + Body content to include in the response. + type: string + contentType: + description: |- + Type of the custom error response. + HTTP content type to send in the response. + type: string + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code to send in the response. + type: number + type: object + type: array + responseFields: + description: |- + (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + List of response headers to include as part of custom fields logging, in lowercase. + items: + type: string + type: array + x-kubernetes-list-type: set + rocketLoader: + description: |- + (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + type: boolean + rules: + additionalProperties: + type: string + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. + type: object + x-kubernetes-map-type: granular + ruleset: + description: |- + (String) Which ruleset ID to target. + Which ruleset ID to target. + type: string + rulesets: + description: |- + (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. + items: + type: string + type: array + x-kubernetes-list-type: set + securityLevel: + description: |- + (String) Control options for the Security Level feature from the Security app. + Control options for the Security Level feature from the Security app. + type: string + serveStale: + description: |- + (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) + List of serve stale parameters to apply to the request. + items: + properties: + disableStaleWhileUpdating: + description: |- + (Boolean) Disable stale while updating. + Disable stale while updating. + type: boolean + type: object + type: array + serverSideExcludes: + description: |- + (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + type: boolean + sni: + description: |- + (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) + List of properties to manange Server Name Indication. + items: + properties: + value: + description: |- + (Number) Status code edge TTL value. + Value to define for SNI. + type: string + type: object + type: array + ssl: + description: |- + (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + type: string + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code of the custom error response. + type: number + sxg: + description: |- + (Boolean) Turn on or off the SXG feature. + Turn on or off the SXG feature. + type: boolean + uri: + description: |- + (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) + List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. + items: + properties: + origin: + description: '(Block List, Max: 1) List of properties + to change request origin. (see below for nested + schema)' + type: boolean + path: + description: |- + (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) + URI path configuration when performing a URL rewrite. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. + type: string + type: object + type: array + query: + description: |- + (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) + Query string configuration when performing a URL rewrite. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. + type: string + type: object + type: array + type: object + type: array + version: + description: |- + (String) Version of the ruleset to deploy. + Version of the ruleset to deploy. + type: string + type: object + type: array + description: + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset rule and its intended use. + type: string + enabled: + description: |- + (Boolean) Whether the rule is active. + Whether the rule is active. + type: boolean + exposedCredentialCheck: + description: |- + (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) + List of parameters that configure exposed credential checks. + items: + properties: + passwordExpression: + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + type: string + usernameExpression: + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + type: string + type: object + type: array + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + logging: + description: |- + (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) + List parameters to configure how the rule generates logs. + items: + properties: + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + ratelimit: + description: |- + (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) + List of parameters that configure HTTP rate limiting behaviour. + items: + properties: + characteristics: + description: |- + (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + List of parameters that define how Cloudflare tracks the request rate for this rule. + items: + type: string + type: array + x-kubernetes-list-type: set + countingExpression: + description: |- + (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + mitigationTimeout: + description: |- + (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + type: number + period: + description: |- + (Number) The period of time to consider (in seconds) when evaluating the request rate. + The period of time to consider (in seconds) when evaluating the request rate. + type: number + requestsPerPeriod: + description: |- + (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + The number of requests over the period of time that will trigger the Rate Limiting rule. + type: number + requestsToOrigin: + description: |- + (Boolean) Whether to include requests to origin within the Rate Limiting count. + Whether to include requests to origin within the Rate Limiting count. + type: boolean + type: object + type: array + type: object + type: array + shareableEntitlementName: + description: |- + (String) Name of entitlement that is shareable between entities. + Name of entitlement that is shareable between entities. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. + type: object + type: + description: |- + Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + x-kubernetes-validations: + - message: spec.forProvider.kind is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.kind) + || (has(self.initProvider) && has(self.initProvider.kind))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.phase is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.phase) + || (has(self.initProvider) && has(self.initProvider.phase))' + status: + description: RulesetStatus defines the observed state of Ruleset. + properties: + atProvider: + properties: + accountId: + description: |- + (String) The account identifier to target for the resource. Conflicts with zone_id. + The account identifier to target for the resource. Conflicts with `zone_id`. + type: string + description: + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset and its intended use. + type: string + id: + description: (String) The ID of this resource. + type: string + kind: + description: |- + (String) Type of Ruleset to create. Available values: custom, managed, root, schema, zone. + Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `schema`, `zone`. + type: string + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the ruleset. **Modifying this attribute will force creation of a new resource.** + type: string + phase: + description: |- + (String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + type: string + rules: + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the ruleset rule. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + actionParameters: + description: |- + (Block List, Max: 1) List of parameters that configure the behavior of the ruleset rule action. (see below for nested schema) + List of parameters that configure the behavior of the ruleset rule action. + items: + properties: + automaticHttpsRewrites: + description: |- + (Boolean) Turn on or off Cloudflare Automatic HTTPS rewrites. + Turn on or off Cloudflare Automatic HTTPS rewrites. + type: boolean + autominify: + description: |- + (Block List) Indicate which file extensions to minify automatically. (see below for nested schema) + Indicate which file extensions to minify automatically. + items: + properties: + css: + description: |- + (Boolean) SSL minification. + SSL minification. + type: boolean + html: + description: |- + (Boolean) HTML minification. + HTML minification. + type: boolean + js: + description: |- + (Boolean) JS minification. + JS minification. + type: boolean + type: object + type: array + bic: + description: |- + (Boolean) Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + Inspect the visitor's browser for headers commonly associated with spammers and certain bots. + type: boolean + browserTtl: + description: |- + (Block List, Max: 1) List of browser TTL parameters to apply to the request. (see below for nested schema) + List of browser TTL parameters to apply to the request. + items: + properties: + default: + description: |- + (Number) Default browser TTL. + Default browser TTL. + type: number + mode: + description: |- + (String) Mode of the browser TTL. + Mode of the browser TTL. + type: string + type: object + type: array + cache: + description: |- + (Boolean) Whether to cache if expression matches. + Whether to cache if expression matches. + type: boolean + cacheKey: + description: |- + (Block List, Max: 1) List of cache key parameters to apply to the request. (see below for nested schema) + List of cache key parameters to apply to the request. + items: + properties: + cacheByDeviceType: + description: |- + (Boolean) Cache by device type. Conflicts with "custom_key.user.device_type". + Cache by device type. Conflicts with "custom_key.user.device_type". + type: boolean + cacheDeceptionArmor: + description: |- + (Boolean) Cache deception armor. + Cache deception armor. + type: boolean + customKey: + description: |- + (Block List, Max: 1) Custom key parameters for the request. (see below for nested schema) + Custom key parameters for the request. + items: + properties: + cookie: + description: |- + (Block List, Max: 1) Cookie parameters for the custom key. (see below for nested schema) + Cookie parameters for the custom key. + items: + properties: + checkPresence: + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of cookies to check for presence in the custom key. + items: + type: string + type: array + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of cookies to include in the custom key. + items: + type: string + type: array + type: object + type: array + header: + description: |- + (Block List, Max: 1) Header parameters for the custom key. (see below for nested schema) + Header parameters for the custom key. + items: + properties: + checkPresence: + description: |- + (List of String) List of cookies to check for presence in the custom key. + List of headers to check for presence in the custom key. + items: + type: string + type: array + excludeOrigin: + description: |- + (Boolean) Exclude the origin header from the custom key. + Exclude the origin header from the custom key. + type: boolean + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of headers to include in the custom key. + items: + type: string + type: array + type: object + type: array + host: + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Host parameters for the custom key. + items: + properties: + resolved: + description: |- + (Boolean) Resolve hostname to IP address. + Resolve hostname to IP address. + type: boolean + type: object + type: array + queryString: + description: |- + (Block List, Max: 1) Query string parameters for the custom key. (see below for nested schema) + Query string parameters for the custom key. + items: + properties: + exclude: + description: |- + (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include". + List of query string parameters to exclude from the custom key. Conflicts with "include". + items: + type: string + type: array + include: + description: |- + (List of String) List of cookies to include in the custom key. + List of query string parameters to include in the custom key. Conflicts with "exclude". + items: + type: string + type: array + type: object + type: array + user: + description: |- + (Block List, Max: 1) User parameters for the custom key. (see below for nested schema) + User parameters for the custom key. + items: + properties: + deviceType: + description: |- + (Boolean) Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + Add device type to the custom key. Conflicts with "cache_key.cache_by_device_type". + type: boolean + geo: + description: |- + (Boolean) Add geo data to the custom key. + Add geo data to the custom key. + type: boolean + lang: + description: |- + (Boolean) Add language data to the custom key. + Add language data to the custom key. + type: boolean + type: object + type: array + type: object + type: array + ignoreQueryStringsOrder: + description: |- + (Boolean) Ignore query strings order. + Ignore query strings order. + type: boolean + type: object + type: array + content: + description: |- + (String) Content of the custom error response. + Content of the custom error response. + type: string + contentType: + description: |- + Type of the custom error response. + Content-Type of the custom error response. + type: string + cookieFields: + description: |- + (Set of String) List of cookie values to include as part of custom fields logging. + List of cookie values to include as part of custom fields logging. + items: + type: string + type: array + x-kubernetes-list-type: set + disableApps: + description: |- + (Boolean) Turn off all active Cloudflare Apps. + Turn off all active Cloudflare Apps. + type: boolean + disableRailgun: + description: |- + (Boolean) Turn off railgun feature of the Cloudflare Speed app. + Turn off railgun feature of the Cloudflare Speed app. + type: boolean + disableZaraz: + description: |- + (Boolean) Turn off zaraz feature. + Turn off zaraz feature. + type: boolean + edgeTtl: + description: |- + (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see below for nested schema) + List of edge TTL parameters to apply to the request. + items: + properties: + default: + description: |- + (Number) Default browser TTL. + Default edge TTL. + type: number + mode: + description: |- + (String) Mode of the browser TTL. + Mode of the edge TTL. + type: string + statusCodeTtl: + description: |- + (Block List) Edge TTL for the status codes. (see below for nested schema) + Edge TTL for the status codes. + items: + properties: + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + Status code for which the edge TTL is applied. Conflicts with "status_code_range". + type: number + statusCodeRange: + description: |- + (Block List) Status code range for which the edge TTL is applied. Conflicts with "status_code". (see below for nested schema) + Status code range for which the edge TTL is applied. Conflicts with "status_code". + items: + properties: + from: + description: |- + (Number) From status code. + From status code. + type: number + to: + description: |- + (Number) To status code. + To status code. + type: number + type: object + type: array + value: + description: |- + (Number) Status code edge TTL value. + Status code edge TTL value. + type: number + type: object + type: array + type: object + type: array + emailObfuscation: + description: |- + (Boolean) Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. + type: boolean + fromList: + description: |- + (Block List, Max: 1) Use a list to lookup information for the action. (see below for nested schema) + Use a list to lookup information for the action. + items: + properties: + key: + description: |- + (String) Expression to use for the list lookup. + Expression to use for the list lookup. + type: string + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the list. + type: string + type: object + type: array + fromValue: + description: |- + (Block List, Max: 1) Use a value to lookup information for the action. (see below for nested schema) + Use a value to lookup information for the action. + items: + properties: + preserveQueryString: + description: |- + (Boolean) Preserve query string for redirect URL. + Preserve query string for redirect URL. + type: boolean + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + Status code for redirect. + type: number + targetUrl: + description: |- + (Block List, Max: 1) Target URL for redirect. (see below for nested schema) + Target URL for redirect. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + type: string + type: object + type: array + type: object + type: array + headers: + description: |- + (Block List) List of HTTP header modifications to perform in the ruleset rule. (see below for nested schema) + List of HTTP header modifications to perform in the ruleset rule. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. Conflicts with `"value"`. + type: string + name: + description: |- + (String) Name of the ruleset. Modifying this attribute will force creation of a new resource. + Name of the HTTP request header to target. + type: string + operation: + description: |- + (String) Action to perform on the HTTP request header. Available values: remove, set. + Action to perform on the HTTP request header. Available values: `remove`, `set`. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static value to provide as the HTTP request header value. Conflicts with `"expression"`. + type: string + type: object + type: array + hostHeader: + description: |- + (String) Host Header that request origin receives. + Host Header that request origin receives. + type: string + hotlinkProtection: + description: |- + (Boolean) Turn on or off the hotlink protection feature. + Turn on or off the hotlink protection feature. + type: boolean + id: + description: |- + (String) The ID of this resource. + Identifier of the action parameter to modify. + type: string + increment: + description: (Number) + type: number + matchedData: + description: |- + (Block List, Max: 1) List of properties to configure WAF payload logging. (see below for nested schema) + List of properties to configure WAF payload logging. + items: + properties: + publicKey: + description: |- + (String) Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the or in the Cloudflare dashboard. + Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key [using the `matched-data-cli` command-line tool](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/command-line/generate-key-pair) or [in the Cloudflare dashboard](https://developers.cloudflare.com/waf/managed-rulesets/payload-logging/configure). + type: string + type: object + type: array + mirage: + description: |- + (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + Turn on or off Cloudflare Mirage of the Cloudflare Speed app. + type: boolean + opportunisticEncryption: + description: |- + (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + type: boolean + origin: + description: |- + (Block List, Max: 1) List of properties to change request origin. (see below for nested schema) + List of properties to change request origin. + items: + properties: + host: + description: |- + (Block List, Max: 1) Host parameters for the custom key. (see below for nested schema) + Origin Hostname where request is sent. + type: string + port: + description: |- + (Number) Origin Port where request is sent. + Origin Port where request is sent. + type: number + type: object + type: array + originErrorPagePassthru: + description: |- + through error page for origin. + Pass-through error page for origin. + type: boolean + overrides: + description: |- + (Block List, Max: 1) List of override configurations to apply to the ruleset. (see below for nested schema) + List of override configurations to apply to the ruleset. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + categories: + description: |- + based overrides. (see below for nested schema) + List of tag-based overrides. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the tag-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + category: + description: |- + (String) Tag name to apply the ruleset rule override to. + Tag name to apply the ruleset rule override to. + type: string + enabled: + description: |- + (Boolean) Whether the rule is active. + Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. + type: boolean + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current tag-level override enables or disables the ruleset rules with the specified tag. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + enabled: + description: |- + (Boolean) Whether the rule is active. + Defines if the current ruleset-level override enables or disables the ruleset. + type: boolean + rules: + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rule-based overrides. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: block, challenge, ddos_dynamic, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, set_cache_settings, set_config, serve_error, skip. + Action to perform in the rule-level override. Available values: `block`, `challenge`, `ddos_dynamic`, `execute`, `force_connection_close`, `js_challenge`, `log`, `log_custom_field`, `managed_challenge`, `redirect`, `rewrite`, `route`, `score`, `set_cache_settings`, `set_config`, `serve_error`, `skip`. + type: string + enabled: + description: |- + (Boolean) Whether the rule is active. + Defines if the current rule-level override enables or disables the rule. + type: boolean + id: + description: |- + (String) The ID of this resource. + Rule ID to apply the override to. + type: string + scoreThreshold: + description: |- + based rulesets. + Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets. + type: number + sensitivityLevel: + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level for a ruleset rule override. + type: string + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current rule-level override enables or disables the rule. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + sensitivityLevel: + description: |- + (String) Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff. + Sensitivity level to override for all ruleset rules. Available values: `default`, `medium`, `low`, `eoff`. + type: string + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + phases: + description: |- + (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_custom_errors, http_log_custom_fields, http_request_cache_settings, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_late_transform_managed, http_request_main, http_request_origin, http_request_dynamic_redirect, http_request_redirect, http_request_sanitize, http_request_transform, http_response_firewall_managed, http_response_headers_transform, http_response_headers_transform_managed, magic_transit, http_ratelimit, http_request_sbfm, http_config_settings. + Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_custom_errors`, `http_log_custom_fields`, `http_request_cache_settings`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_late_transform_managed`, `http_request_main`, `http_request_origin`, `http_request_dynamic_redirect`, `http_request_redirect`, `http_request_sanitize`, `http_request_transform`, `http_response_firewall_managed`, `http_response_headers_transform`, `http_response_headers_transform_managed`, `magic_transit`, `http_ratelimit`, `http_request_sbfm`, `http_config_settings`. + items: + type: string + type: array + x-kubernetes-list-type: set + polish: + description: |- + (String) Apply options from the Polish feature of the Cloudflare Speed app. + Apply options from the Polish feature of the Cloudflare Speed app. + type: string + products: + description: |- + (Set of String) Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown. + Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`. + items: + type: string + type: array + x-kubernetes-list-type: set + requestFields: + description: |- + (Set of String) List of request headers to include as part of custom fields logging, in lowercase. + List of request headers to include as part of custom fields logging, in lowercase. + items: + type: string + type: array + x-kubernetes-list-type: set + respectStrongEtags: + description: |- + (Boolean) Respect strong ETags. + Respect strong ETags. + type: boolean + response: + description: |- + (Block List) List of parameters that configure the response given to end users. (see below for nested schema) + List of parameters that configure the response given to end users. + items: + properties: + content: + description: |- + (String) Content of the custom error response. + Body content to include in the response. + type: string + contentType: + description: |- + Type of the custom error response. + HTTP content type to send in the response. + type: string + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code to send in the response. + type: number + type: object + type: array + responseFields: + description: |- + (Set of String) List of response headers to include as part of custom fields logging, in lowercase. + List of response headers to include as part of custom fields logging, in lowercase. + items: + type: string + type: array + x-kubernetes-list-type: set + rocketLoader: + description: |- + (Boolean) Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app. + type: boolean + rules: + additionalProperties: + type: string + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: `rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }`. + type: object + x-kubernetes-map-type: granular + ruleset: + description: |- + (String) Which ruleset ID to target. + Which ruleset ID to target. + type: string + rulesets: + description: |- + (Set of String) List of managed WAF rule IDs to target. Only valid when the "action" is set to skip. + List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip. + items: + type: string + type: array + x-kubernetes-list-type: set + securityLevel: + description: |- + (String) Control options for the Security Level feature from the Security app. + Control options for the Security Level feature from the Security app. + type: string + serveStale: + description: |- + (Block List, Max: 1) List of serve stale parameters to apply to the request. (see below for nested schema) + List of serve stale parameters to apply to the request. + items: + properties: + disableStaleWhileUpdating: + description: |- + (Boolean) Disable stale while updating. + Disable stale while updating. + type: boolean + type: object + type: array + serverSideExcludes: + description: |- + (Boolean) Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. + type: boolean + sni: + description: |- + (Block List, Max: 1) List of properties to manange Server Name Indication. (see below for nested schema) + List of properties to manange Server Name Indication. + items: + properties: + value: + description: |- + (Number) Status code edge TTL value. + Value to define for SNI. + type: string + type: object + type: array + ssl: + description: |- + (String) Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. + type: string + statusCode: + description: |- + (Number) HTTP status code of the custom error response. + HTTP status code of the custom error response. + type: number + sxg: + description: |- + (Boolean) Turn on or off the SXG feature. + Turn on or off the SXG feature. + type: boolean + uri: + description: |- + (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see below for nested schema) + List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. + items: + properties: + origin: + description: '(Block List, Max: 1) List of properties + to change request origin. (see below for nested + schema)' + type: boolean + path: + description: |- + (Block List, Max: 1) URI path configuration when performing a URL rewrite. (see below for nested schema) + URI path configuration when performing a URL rewrite. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. + type: string + type: object + type: array + query: + description: |- + (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see below for nested schema) + Query string configuration when performing a URL rewrite. + items: + properties: + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + value: + description: |- + (Number) Status code edge TTL value. + Static string value of the updated URI path or query string component. + type: string + type: object + type: array + type: object + type: array + version: + description: |- + (String) Version of the ruleset to deploy. + Version of the ruleset to deploy. + type: string + type: object + type: array + description: + description: |- + (String) Brief summary of the ruleset and its intended use. + Brief summary of the ruleset rule and its intended use. + type: string + enabled: + description: |- + (Boolean) Whether the rule is active. + Whether the rule is active. + type: boolean + exposedCredentialCheck: + description: |- + (Block List, Max: 1) List of parameters that configure exposed credential checks. (see below for nested schema) + List of parameters that configure exposed credential checks. + items: + properties: + passwordExpression: + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + type: string + usernameExpression: + description: |- + (String) Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language. + Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language). + type: string + type: object + type: array + expression: + description: |- + (String) Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + id: + description: |- + (String) The ID of this resource. + Unique rule identifier. + type: string logging: - description: List parameters to configure how the rule generates - logs. + description: |- + (Block List, Max: 1) List parameters to configure how the rule generates logs. (see below for nested schema) + List parameters to configure how the rule generates logs. items: properties: enabled: - description: Override the default logging behavior - when a rule is matched. + description: |- + (Boolean) Whether the rule is active. + Override the default logging behavior when a rule is matched. + type: boolean + status: + description: |- + level override enables or disables the ruleset. Available values: enabled, disabled. Defaults to "". + Override the default logging behavior when a rule is matched. Available values: `enabled`, `disabled`. Defaults to `""`. + type: string + type: object + type: array + ratelimit: + description: |- + (Block List, Max: 1) List of parameters that configure HTTP rate limiting behaviour. (see below for nested schema) + List of parameters that configure HTTP rate limiting behaviour. + items: + properties: + characteristics: + description: |- + (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule. + List of parameters that define how Cloudflare tracks the request rate for this rule. + items: + type: string + type: array + x-kubernetes-list-type: set + countingExpression: + description: |- + (String) Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions. + Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions. + type: string + mitigationTimeout: + description: |- + (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field. + type: number + period: + description: |- + (Number) The period of time to consider (in seconds) when evaluating the request rate. + The period of time to consider (in seconds) when evaluating the request rate. + type: number + requestsPerPeriod: + description: |- + (Number) The number of requests over the period of time that will trigger the Rate Limiting rule. + The number of requests over the period of time that will trigger the Rate Limiting rule. + type: number + requestsToOrigin: + description: |- + (Boolean) Whether to include requests to origin within the Rate Limiting count. + Whether to include requests to origin within the Rate Limiting count. type: boolean type: object type: array ref: - description: Rule reference. + description: |- + (String) Rule reference. + Rule reference. type: string version: - description: Version of the ruleset to deploy. + description: |- + (String) Version of the ruleset to deploy. + Version of the ruleset to deploy. type: string type: object type: array + shareableEntitlementName: + description: |- + (String) Name of entitlement that is shareable between entities. + Name of entitlement that is shareable between entities. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Conflicts with account_id. + The zone identifier to target for the resource. Conflicts with `account_id`. + type: string type: object conditions: description: Conditions of the resource. @@ -1235,13 +3168,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -1252,8 +3187,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -1262,6 +3198,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -1270,9 +3209,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/spectrum.cloudflare.upbound.io_applications.yaml b/package/crds/spectrum.cloudflare.upbound.io_applications.yaml index 3b70776..e28ed90 100644 --- a/package/crds/spectrum.cloudflare.upbound.io_applications.yaml +++ b/package/crds/spectrum.cloudflare.upbound.io_applications.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: applications.spectrum.cloudflare.upbound.io spec: group: spectrum.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Application is the Schema for the Applications API. + description: Application is the Schema for the Applications API. Provides + a Cloudflare Spectrum Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,71 +74,103 @@ spec: forProvider: properties: argoSmartRouting: - description: Defaults to `false`. + description: |- + . Enables Argo Smart Routing. Defaults to false. + Defaults to `false`. type: boolean dns: + description: The name and type of DNS record for the Spectrum + application. Fields documented below. items: properties: name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. type: string type: + description: 'The type of DNS record associated with the + application. Valid values: CNAME.' type: string - required: - - name - - type type: object type: array edgeIpConnectivity: + description: '. Choose which types of IP addresses will be provisioned + for this subdomain. Valid values are: all, ipv4, ipv6. Defaults + to all.' type: string edgeIps: + description: . A list of edge IPs (IPv4 and/or IPv6) to configure + Spectrum application to. Requires Bring Your Own IP provisioned. items: type: string type: array + x-kubernetes-list-type: set ipFirewall: - description: Defaults to `true`. + description: |- + Enables the IP Firewall for this application. Defaults to true. + Defaults to `true`. type: boolean originDirect: + description: A list of destination addresses to the origin. e.g. + tcp://192.0.2.1:22. items: type: string type: array originDns: + description: A destination DNS addresses to the origin. Fields + documented below. items: properties: name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. type: string - required: - - name type: object type: array originPort: - description: Conflicts with `origin_port_range`. + description: |- + If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. + Conflicts with `origin_port_range`. type: number originPortRange: - description: Conflicts with `origin_port`. + description: |- + If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. + Conflicts with `origin_port`. items: properties: end: + description: Upper bound of the origin port range, e.g. + 2000 type: number start: + description: Lower bound of the origin port range, e.g. + 1000 type: number - required: - - end - - start type: object type: array protocol: + description: The port configuration at Cloudflare’s edge. e.g. + tcp/22. type: string proxyProtocol: - description: Defaults to `off`. + description: |- + Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. + Defaults to `off`. type: string tls: - description: Defaults to `off`. + description: |- + TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. + Defaults to `off`. type: string trafficType: - description: Defaults to `direct`. + description: |- + Sets application type. Valid values are: direct, http, https. Defaults to direct. + Defaults to `direct`. type: string zoneId: - description: The zone identifier to target for the resource. + description: |- + The DNS zone ID to add the application to + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -141,21 +183,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -168,8 +210,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -182,73 +225,249 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - dns - - protocol type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + argoSmartRouting: + description: |- + . Enables Argo Smart Routing. Defaults to false. + Defaults to `false`. + type: boolean + dns: + description: The name and type of DNS record for the Spectrum + application. Fields documented below. + items: + properties: + name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. + type: string + type: + description: 'The type of DNS record associated with the + application. Valid values: CNAME.' + type: string + type: object + type: array + edgeIpConnectivity: + description: '. Choose which types of IP addresses will be provisioned + for this subdomain. Valid values are: all, ipv4, ipv6. Defaults + to all.' type: string - policy: - description: Policies for referencing. + edgeIps: + description: . A list of edge IPs (IPv4 and/or IPv6) to configure + Spectrum application to. Requires Bring Your Own IP provisioned. + items: + type: string + type: array + x-kubernetes-list-type: set + ipFirewall: + description: |- + Enables the IP Firewall for this application. Defaults to true. + Defaults to `true`. + type: boolean + originDirect: + description: A list of destination addresses to the origin. e.g. + tcp://192.0.2.1:22. + items: + type: string + type: array + originDns: + description: A destination DNS addresses to the origin. Fields + documented below. + items: + properties: + name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. + type: string + type: object + type: array + originPort: + description: |- + If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. + Conflicts with `origin_port_range`. + type: number + originPortRange: + description: |- + If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. + Conflicts with `origin_port`. + items: + properties: + end: + description: Upper bound of the origin port range, e.g. + 2000 + type: number + start: + description: Lower bound of the origin port range, e.g. + 1000 + type: number + type: object + type: array + protocol: + description: The port configuration at Cloudflare’s edge. e.g. + tcp/22. + type: string + proxyProtocol: + description: |- + Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. + Defaults to `off`. + type: string + tls: + description: |- + TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. + Defaults to `off`. + type: string + trafficType: + description: |- + Sets application type. Valid values are: direct, http, https. Defaults to direct. + Defaults to `direct`. + type: string + zoneId: + description: |- + The DNS zone ID to add the application to + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -258,21 +477,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -282,17 +501,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -302,21 +523,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -331,21 +552,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -356,14 +578,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -378,12 +601,121 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.dns is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.dns) + || (has(self.initProvider) && has(self.initProvider.dns))' + - message: spec.forProvider.protocol is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.protocol) + || (has(self.initProvider) && has(self.initProvider.protocol))' status: description: ApplicationStatus defines the observed state of Application. properties: atProvider: properties: + argoSmartRouting: + description: |- + . Enables Argo Smart Routing. Defaults to false. + Defaults to `false`. + type: boolean + dns: + description: The name and type of DNS record for the Spectrum + application. Fields documented below. + items: + properties: + name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. + type: string + type: + description: 'The type of DNS record associated with the + application. Valid values: CNAME.' + type: string + type: object + type: array + edgeIpConnectivity: + description: '. Choose which types of IP addresses will be provisioned + for this subdomain. Valid values are: all, ipv4, ipv6. Defaults + to all.' + type: string + edgeIps: + description: . A list of edge IPs (IPv4 and/or IPv6) to configure + Spectrum application to. Requires Bring Your Own IP provisioned. + items: + type: string + type: array + x-kubernetes-list-type: set id: + description: Unique identifier in the API for the spectrum application. + type: string + ipFirewall: + description: |- + Enables the IP Firewall for this application. Defaults to true. + Defaults to `true`. + type: boolean + originDirect: + description: A list of destination addresses to the origin. e.g. + tcp://192.0.2.1:22. + items: + type: string + type: array + originDns: + description: A destination DNS addresses to the origin. Fields + documented below. + items: + properties: + name: + description: The name of the DNS record associated with + the application.i.e. ssh.example.com. + type: string + type: object + type: array + originPort: + description: |- + If using origin_dns and not origin_port_range, this is a required attribute. Origin port to proxy traffice to e.g. 22. + Conflicts with `origin_port_range`. + type: number + originPortRange: + description: |- + If using origin_dns and not origin_port, this is a required attribute. Origin port range to proxy traffice to. When using a range, the protocol field must also specify a range, e.g. tcp/22-23. Fields documented below. + Conflicts with `origin_port`. + items: + properties: + end: + description: Upper bound of the origin port range, e.g. + 2000 + type: number + start: + description: Lower bound of the origin port range, e.g. + 1000 + type: number + type: object + type: array + protocol: + description: The port configuration at Cloudflare’s edge. e.g. + tcp/22. + type: string + proxyProtocol: + description: |- + Enables a proxy protocol to the origin. Valid values are: off, v1, v2, and simple. Defaults to off. + Defaults to `off`. + type: string + tls: + description: |- + TLS configuration option for Cloudflare to connect to your origin. Valid values are: off, flexible, full and strict. Defaults to off. + Defaults to `off`. + type: string + trafficType: + description: |- + Sets application type. Valid values are: direct, http, https. Defaults to direct. + Defaults to `direct`. + type: string + zoneId: + description: |- + The DNS zone ID to add the application to + The zone identifier to target for the resource. type: string type: object conditions: @@ -392,13 +724,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -409,8 +743,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -419,6 +754,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -427,9 +765,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/teams.cloudflare.upbound.io_accounts.yaml b/package/crds/teams.cloudflare.upbound.io_accounts.yaml index 07ab35e..a001bd5 100644 --- a/package/crds/teams.cloudflare.upbound.io_accounts.yaml +++ b/package/crds/teams.cloudflare.upbound.io_accounts.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: accounts.teams.cloudflare.upbound.io spec: group: teams.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Account is the Schema for the Accounts API. + description: Account is the Schema for the Accounts API. Provides a Cloudflare + Teams Account resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,43 +153,54 @@ spec: type: object type: object activityLogEnabled: + description: Indicator of enablement. type: boolean antivirus: + description: Configuration block for antivirus traffic scanning. items: properties: enabledDownloadPhase: + description: Scan on file download. type: boolean enabledUploadPhase: + description: Scan on file upload. type: boolean failClosed: + description: Block requests for files that cannot be scanned. type: boolean - required: - - enabledDownloadPhase - - enabledUploadPhase - - failClosed type: object type: array blockPage: + description: Configuration for a custom block page. items: properties: backgroundColor: + description: Hex code of block page background color. type: string enabled: + description: Indicator of enablement. type: boolean footerText: + description: Block page header text. type: string headerText: + description: Block page footer text. type: string logoPath: + description: URL of block page logo. type: string name: + description: Name of block page configuration. type: string type: object type: array fips: + description: Configure compliance with Federal Information Processing + Standards. items: properties: tls: + description: Only allow FIPS-compliant TLS configuration. type: boolean type: object type: array @@ -184,8 +208,14 @@ spec: items: properties: redactPii: + description: |- + Redact personally identifiable information from activity logging (PII fields are: source IP, + user email, user ID, device ID, URL, referrer, user agent). type: boolean settingsByRuleType: + description: |- + Represents whether all requests are logged or only the blocked requests are + logged in DNS, HTTP and L4 filters. items: properties: dns: @@ -195,9 +225,6 @@ spec: type: boolean logBlocks: type: boolean - required: - - logAll - - logBlocks type: object type: array http: @@ -207,9 +234,6 @@ spec: type: boolean logBlocks: type: boolean - required: - - logAll - - logBlocks type: object type: array l4: @@ -219,81 +243,281 @@ spec: type: boolean logBlocks: type: boolean - required: - - logAll - - logBlocks type: object type: array - required: - - dns - - http - - l4 type: object type: array - required: - - redactPii - - settingsByRuleType type: object type: array proxy: + description: Configuration block for specifying which protocols + are proxied. items: properties: tcp: + description: Whether gateway proxy is enabled on gateway + devices for tcp traffic. type: boolean udp: + description: Whether gateway proxy is enabled on gateway + devices for udp traffic. type: boolean - required: - - tcp - - udp type: object type: array tlsDecryptEnabled: + description: Indicator that decryption of TLS traffic is enabled. type: boolean urlBrowserIsolationEnabled: + description: Safely browse websites in Browser Isolation through + a URL. type: boolean type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + activityLogEnabled: + description: Indicator of enablement. + type: boolean + antivirus: + description: Configuration block for antivirus traffic scanning. + items: + properties: + enabledDownloadPhase: + description: Scan on file download. + type: boolean + enabledUploadPhase: + description: Scan on file upload. + type: boolean + failClosed: + description: Block requests for files that cannot be scanned. + type: boolean + type: object + type: array + blockPage: + description: Configuration for a custom block page. + items: + properties: + backgroundColor: + description: Hex code of block page background color. + type: string + enabled: + description: Indicator of enablement. + type: boolean + footerText: + description: Block page header text. + type: string + headerText: + description: Block page footer text. + type: string + logoPath: + description: URL of block page logo. + type: string + name: + description: Name of block page configuration. + type: string + type: object + type: array + fips: + description: Configure compliance with Federal Information Processing + Standards. + items: + properties: + tls: + description: Only allow FIPS-compliant TLS configuration. + type: boolean + type: object + type: array + logging: + items: + properties: + redactPii: + description: |- + Redact personally identifiable information from activity logging (PII fields are: source IP, + user email, user ID, device ID, URL, referrer, user agent). + type: boolean + settingsByRuleType: + description: |- + Represents whether all requests are logged or only the blocked requests are + logged in DNS, HTTP and L4 filters. + items: + properties: + dns: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + http: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + l4: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + type: object + type: array + type: object + type: array + proxy: + description: Configuration block for specifying which protocols + are proxied. + items: + properties: + tcp: + description: Whether gateway proxy is enabled on gateway + devices for tcp traffic. + type: boolean + udp: + description: Whether gateway proxy is enabled on gateway + devices for udp traffic. + type: boolean + type: object + type: array + tlsDecryptEnabled: + description: Indicator that decryption of TLS traffic is enabled. + type: boolean + urlBrowserIsolationEnabled: + description: Safely browse websites in Browser Isolation through + a URL. + type: boolean type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -303,21 +527,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -327,17 +551,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -347,21 +573,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -376,21 +602,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -401,14 +628,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -428,8 +656,132 @@ spec: properties: atProvider: properties: + accountId: + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. + type: string + activityLogEnabled: + description: Indicator of enablement. + type: boolean + antivirus: + description: Configuration block for antivirus traffic scanning. + items: + properties: + enabledDownloadPhase: + description: Scan on file download. + type: boolean + enabledUploadPhase: + description: Scan on file upload. + type: boolean + failClosed: + description: Block requests for files that cannot be scanned. + type: boolean + type: object + type: array + blockPage: + description: Configuration for a custom block page. + items: + properties: + backgroundColor: + description: Hex code of block page background color. + type: string + enabled: + description: Indicator of enablement. + type: boolean + footerText: + description: Block page header text. + type: string + headerText: + description: Block page footer text. + type: string + logoPath: + description: URL of block page logo. + type: string + name: + description: Name of block page configuration. + type: string + type: object + type: array + fips: + description: Configure compliance with Federal Information Processing + Standards. + items: + properties: + tls: + description: Only allow FIPS-compliant TLS configuration. + type: boolean + type: object + type: array id: type: string + logging: + items: + properties: + redactPii: + description: |- + Redact personally identifiable information from activity logging (PII fields are: source IP, + user email, user ID, device ID, URL, referrer, user agent). + type: boolean + settingsByRuleType: + description: |- + Represents whether all requests are logged or only the blocked requests are + logged in DNS, HTTP and L4 filters. + items: + properties: + dns: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + http: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + l4: + items: + properties: + logAll: + type: boolean + logBlocks: + type: boolean + type: object + type: array + type: object + type: array + type: object + type: array + proxy: + description: Configuration block for specifying which protocols + are proxied. + items: + properties: + tcp: + description: Whether gateway proxy is enabled on gateway + devices for tcp traffic. + type: boolean + udp: + description: Whether gateway proxy is enabled on gateway + devices for udp traffic. + type: boolean + type: object + type: array + tlsDecryptEnabled: + description: Indicator that decryption of TLS traffic is enabled. + type: boolean + urlBrowserIsolationEnabled: + description: Safely browse websites in Browser Isolation through + a URL. + type: boolean type: object conditions: description: Conditions of the resource. @@ -437,13 +789,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -454,8 +808,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -464,6 +819,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -472,9 +830,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/teams.cloudflare.upbound.io_lists.yaml b/package/crds/teams.cloudflare.upbound.io_lists.yaml index 76f6a46..44e9732 100644 --- a/package/crds/teams.cloudflare.upbound.io_lists.yaml +++ b/package/crds/teams.cloudflare.upbound.io_lists.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: lists.teams.cloudflare.upbound.io spec: group: teams.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: List is the Schema for the Lists API. + description: List is the Schema for the Lists API. Provides a Cloudflare Teams + List resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the teams list should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,61 +153,165 @@ spec: type: object type: object description: + description: The description of the teams list. type: string items: + description: The items of the teams list. items: type: string type: array + x-kubernetes-list-type: set name: + description: Name of the teams list. type: string type: + description: The teams list type. Valid values are IP, SERIAL, + URL, DOMAIN, and EMAIL. type: string - required: - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the teams list should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: The description of the teams list. + type: string + items: + description: The items of the teams list. + items: + type: string + type: array + x-kubernetes-list-type: set + name: + description: Name of the teams list. + type: string + type: + description: The teams list type. Valid values are IP, SERIAL, + URL, DOMAIN, and EMAIL. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -204,21 +321,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -228,17 +345,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -248,21 +367,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -277,21 +396,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -302,14 +422,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -324,12 +445,43 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: ListStatus defines the observed state of List. properties: atProvider: properties: + accountId: + description: |- + The account to which the teams list should be added. + The account identifier to target for the resource. + type: string + description: + description: The description of the teams list. + type: string id: + description: ID of the teams list. + type: string + items: + description: The items of the teams list. + items: + type: string + type: array + x-kubernetes-list-type: set + name: + description: Name of the teams list. + type: string + type: + description: The teams list type. Valid values are IP, SERIAL, + URL, DOMAIN, and EMAIL. type: string type: object conditions: @@ -338,13 +490,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -355,8 +509,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -365,6 +520,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -373,9 +531,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/teams.cloudflare.upbound.io_locations.yaml b/package/crds/teams.cloudflare.upbound.io_locations.yaml index ca4a1df..43f2db1 100644 --- a/package/crds/teams.cloudflare.upbound.io_locations.yaml +++ b/package/crds/teams.cloudflare.upbound.io_locations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: locations.teams.cloudflare.upbound.io spec: group: teams.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Location is the Schema for the Locations API. + description: Location is the Schema for the Locations API. Provides a Cloudflare + Teams Location resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,63 +153,161 @@ spec: type: object type: object clientDefault: + description: Indicator that this is the default location. type: boolean name: + description: Name of the teams location. type: string networks: + description: The networks CIDRs that comprise the location. items: properties: network: type: string - required: - - network type: object type: array - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + clientDefault: + description: Indicator that this is the default location. + type: boolean + name: + description: Name of the teams location. + type: string + networks: + description: The networks CIDRs that comprise the location. + items: + properties: + network: + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -206,21 +317,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -230,17 +341,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -250,21 +363,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -279,21 +392,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -304,14 +418,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -326,25 +441,50 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: LocationStatus defines the observed state of Location. properties: atProvider: properties: + accountId: + description: |- + The account to which the teams location should be added. + The account identifier to target for the resource. + type: string anonymizedLogsEnabled: + description: Indicator that anonymized logs are enabled. + type: boolean + clientDefault: + description: Indicator that this is the default location. type: boolean dohSubdomain: + description: The FQDN that DoH clients should be pointed at. type: string id: + description: ID of the teams location. type: string ip: + description: Client IP address type: string ipv4Destination: + description: IP to direct all IPv4 DNS queries too. + type: string + name: + description: Name of the teams location. type: string networks: + description: The networks CIDRs that comprise the location. items: properties: id: + description: ID of the teams location. + type: string + network: type: string type: object type: array @@ -359,13 +499,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -376,8 +518,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -386,6 +529,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -394,9 +540,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/teams.cloudflare.upbound.io_proxyendpoints.yaml b/package/crds/teams.cloudflare.upbound.io_proxyendpoints.yaml index ef601dc..90caedc 100644 --- a/package/crds/teams.cloudflare.upbound.io_proxyendpoints.yaml +++ b/package/crds/teams.cloudflare.upbound.io_proxyendpoints.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: proxyendpoints.teams.cloudflare.upbound.io spec: group: teams.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: ProxyEndpoint is the Schema for the ProxyEndpoints API. + description: ProxyEndpoint is the Schema for the ProxyEndpoints API. Provides + a Cloudflare Teams Proxy Endpoint resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the teams proxy endpoint should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,57 +153,153 @@ spec: type: object type: object ips: + description: The networks CIDRs that will be allowed to initiate + proxy connections. items: type: string type: array + x-kubernetes-list-type: set name: + description: Name of the teams proxy endpoint. type: string - required: - - ips - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the teams proxy endpoint should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + ips: + description: The networks CIDRs that will be allowed to initiate + proxy connections. + items: + type: string + type: array + x-kubernetes-list-type: set + name: + description: Name of the teams proxy endpoint. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -200,21 +309,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -224,17 +333,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -244,21 +355,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -273,21 +384,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -298,14 +410,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -320,14 +433,40 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.ips is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.ips) + || (has(self.initProvider) && has(self.initProvider.ips))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: ProxyEndpointStatus defines the observed state of ProxyEndpoint. properties: atProvider: properties: + accountId: + description: |- + The account to which the teams proxy endpoint should be added. + The account identifier to target for the resource. + type: string id: + description: ID of the teams proxy endpoint. + type: string + ips: + description: The networks CIDRs that will be allowed to initiate + proxy connections. + items: + type: string + type: array + x-kubernetes-list-type: set + name: + description: Name of the teams proxy endpoint. type: string subdomain: + description: The FQDN that proxy clients should be pointed at. type: string type: object conditions: @@ -336,13 +475,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -353,8 +494,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -363,6 +505,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -371,9 +516,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/teams.cloudflare.upbound.io_rules.yaml b/package/crds/teams.cloudflare.upbound.io_rules.yaml index 75e4d9d..07fc33a 100644 --- a/package/crds/teams.cloudflare.upbound.io_rules.yaml +++ b/package/crds/teams.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.teams.cloudflare.upbound.io spec: group: teams.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Provides a Cloudflare Teams + rule resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the teams rule should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,133 +153,357 @@ spec: type: object type: object action: + description: The action executed by matched teams rule. type: string description: + description: The description of the teams rule. type: string devicePosture: + description: The wirefilter expression to be used for device_posture + check matching. type: string enabled: + description: Indicator of rule enablement. type: boolean filters: + description: The protocol or layer to evaluate the traffic and + identity expressions. items: type: string type: array identity: + description: The wirefilter expression to be used for identity + matching. type: string name: + description: The name of the teams rule. type: string precedence: + description: The evaluation precedence of the teams rule. type: number ruleSettings: + description: Additional rule settings (refer to the nested schema). items: properties: addHeaders: additionalProperties: type: string + description: Add custom headers to allowed requests in the + form of key-value pairs. type: object + x-kubernetes-map-type: granular bisoAdminControls: + description: Configure how browser isolation behaves (refer + to the nested schema). items: properties: disableCopyPaste: + description: (Boolean) Disable copy-paste. type: boolean disableDownload: + description: (Boolean) Disable download. type: boolean disableKeyboard: + description: (Boolean) Disable keyboard usage. type: boolean disablePrinting: + description: (Boolean) Disable printing. type: boolean disableUpload: + description: (Boolean) Disable upload. type: boolean type: object type: array blockPageEnabled: + description: Indicator of block page enablement. type: boolean blockPageReason: + description: The displayed reason for a user being blocked. type: string checkSession: + description: Configure how session check behaves (refer + to the nested schema). items: properties: duration: + description: Configure how fresh the session needs + to be to be considered valid. type: string enforce: + description: Enable session enforcement for this rule. type: boolean - required: - - duration - - enforce type: object type: array insecureDisableDnssecValidation: + description: Disable DNSSEC validation (must be Allow rule) type: boolean l4override: + description: Settings to forward layer 4 traffic (refer + to the nested schema). items: properties: ip: + description: Override IP to forward traffic to. type: string port: + description: Override Port to forward traffic to. type: number - required: - - ip - - port type: object type: array overrideHost: + description: The host to override matching DNS queries with. type: string overrideIps: + description: The IPs to override matching DNS queries with. items: type: string type: array type: object type: array traffic: + description: The wirefilter expression to be used for traffic + matching. type: string - required: - - action - - description - - name - - precedence type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the teams rule should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + action: + description: The action executed by matched teams rule. + type: string + description: + description: The description of the teams rule. + type: string + devicePosture: + description: The wirefilter expression to be used for device_posture + check matching. + type: string + enabled: + description: Indicator of rule enablement. + type: boolean + filters: + description: The protocol or layer to evaluate the traffic and + identity expressions. + items: + type: string + type: array + identity: + description: The wirefilter expression to be used for identity + matching. + type: string + name: + description: The name of the teams rule. + type: string + precedence: + description: The evaluation precedence of the teams rule. + type: number + ruleSettings: + description: Additional rule settings (refer to the nested schema). + items: + properties: + addHeaders: + additionalProperties: + type: string + description: Add custom headers to allowed requests in the + form of key-value pairs. + type: object + x-kubernetes-map-type: granular + bisoAdminControls: + description: Configure how browser isolation behaves (refer + to the nested schema). + items: + properties: + disableCopyPaste: + description: (Boolean) Disable copy-paste. + type: boolean + disableDownload: + description: (Boolean) Disable download. + type: boolean + disableKeyboard: + description: (Boolean) Disable keyboard usage. + type: boolean + disablePrinting: + description: (Boolean) Disable printing. + type: boolean + disableUpload: + description: (Boolean) Disable upload. + type: boolean + type: object + type: array + blockPageEnabled: + description: Indicator of block page enablement. + type: boolean + blockPageReason: + description: The displayed reason for a user being blocked. + type: string + checkSession: + description: Configure how session check behaves (refer + to the nested schema). + items: + properties: + duration: + description: Configure how fresh the session needs + to be to be considered valid. + type: string + enforce: + description: Enable session enforcement for this rule. + type: boolean + type: object + type: array + insecureDisableDnssecValidation: + description: Disable DNSSEC validation (must be Allow rule) + type: boolean + l4override: + description: Settings to forward layer 4 traffic (refer + to the nested schema). + items: + properties: + ip: + description: Override IP to forward traffic to. + type: string + port: + description: Override Port to forward traffic to. + type: number + type: object + type: array + overrideHost: + description: The host to override matching DNS queries with. + type: string + overrideIps: + description: The IPs to override matching DNS queries with. + items: + type: string + type: array + type: object + type: array + traffic: + description: The wirefilter expression to be used for traffic + matching. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -276,21 +513,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -300,17 +537,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -320,21 +559,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -349,21 +588,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -374,14 +614,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -396,13 +637,147 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.action is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.action) + || (has(self.initProvider) && has(self.initProvider.action))' + - message: spec.forProvider.description is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.description) + || (has(self.initProvider) && has(self.initProvider.description))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.precedence is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.precedence) + || (has(self.initProvider) && has(self.initProvider.precedence))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: + accountId: + description: |- + The account to which the teams rule should be added. + The account identifier to target for the resource. + type: string + action: + description: The action executed by matched teams rule. + type: string + description: + description: The description of the teams rule. + type: string + devicePosture: + description: The wirefilter expression to be used for device_posture + check matching. + type: string + enabled: + description: Indicator of rule enablement. + type: boolean + filters: + description: The protocol or layer to evaluate the traffic and + identity expressions. + items: + type: string + type: array id: type: string + identity: + description: The wirefilter expression to be used for identity + matching. + type: string + name: + description: The name of the teams rule. + type: string + precedence: + description: The evaluation precedence of the teams rule. + type: number + ruleSettings: + description: Additional rule settings (refer to the nested schema). + items: + properties: + addHeaders: + additionalProperties: + type: string + description: Add custom headers to allowed requests in the + form of key-value pairs. + type: object + x-kubernetes-map-type: granular + bisoAdminControls: + description: Configure how browser isolation behaves (refer + to the nested schema). + items: + properties: + disableCopyPaste: + description: (Boolean) Disable copy-paste. + type: boolean + disableDownload: + description: (Boolean) Disable download. + type: boolean + disableKeyboard: + description: (Boolean) Disable keyboard usage. + type: boolean + disablePrinting: + description: (Boolean) Disable printing. + type: boolean + disableUpload: + description: (Boolean) Disable upload. + type: boolean + type: object + type: array + blockPageEnabled: + description: Indicator of block page enablement. + type: boolean + blockPageReason: + description: The displayed reason for a user being blocked. + type: string + checkSession: + description: Configure how session check behaves (refer + to the nested schema). + items: + properties: + duration: + description: Configure how fresh the session needs + to be to be considered valid. + type: string + enforce: + description: Enable session enforcement for this rule. + type: boolean + type: object + type: array + insecureDisableDnssecValidation: + description: Disable DNSSEC validation (must be Allow rule) + type: boolean + l4override: + description: Settings to forward layer 4 traffic (refer + to the nested schema). + items: + properties: + ip: + description: Override IP to forward traffic to. + type: string + port: + description: Override Port to forward traffic to. + type: number + type: object + type: array + overrideHost: + description: The host to override matching DNS queries with. + type: string + overrideIps: + description: The IPs to override matching DNS queries with. + items: + type: string + type: array + type: object + type: array + traffic: + description: The wirefilter expression to be used for traffic + matching. + type: string version: type: number type: object @@ -412,13 +787,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -429,8 +806,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -439,6 +817,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -447,9 +828,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waf.cloudflare.upbound.io_groups.yaml b/package/crds/waf.cloudflare.upbound.io_groups.yaml index c602815..ff46910 100644 --- a/package/crds/waf.cloudflare.upbound.io_groups.yaml +++ b/package/crds/waf.cloudflare.upbound.io_groups.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: groups.waf.cloudflare.upbound.io spec: group: waf.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Group is the Schema for the Groups API. + description: Group is the Schema for the Groups API. Provides a Cloudflare + WAF rule group resource for a particular zone. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,17 +74,23 @@ spec: forProvider: properties: groupId: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The WAF Rule Group ID. + **Modifying this attribute will force creation of a new resource.** type: string mode: - description: Defaults to `on`. + description: |- + The mode of the group, can be one of ["on", "off"]. + Defaults to `on`. type: string packageId: + description: The ID of the WAF Rule Package that contains the + group. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -87,21 +103,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -114,8 +130,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -128,72 +145,169 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - groupId type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + groupId: + description: |- + The WAF Rule Group ID. + **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + mode: + description: |- + The mode of the group, can be one of ["on", "off"]. + Defaults to `on`. + type: string + packageId: + description: The ID of the WAF Rule Package that contains the + group. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -203,21 +317,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -227,17 +341,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -247,21 +363,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -276,21 +392,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -301,14 +418,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -323,12 +441,37 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.groupId is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.groupId) + || (has(self.initProvider) && has(self.initProvider.groupId))' status: description: GroupStatus defines the observed state of Group. properties: atProvider: properties: + groupId: + description: |- + The WAF Rule Group ID. + **Modifying this attribute will force creation of a new resource.** + type: string id: + description: The WAF Rule Group ID, the same as group_id. + type: string + mode: + description: |- + The mode of the group, can be one of ["on", "off"]. + Defaults to `on`. + type: string + packageId: + description: The ID of the WAF Rule Package that contains the + group. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -337,13 +480,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -354,8 +499,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -364,6 +510,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -372,9 +521,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waf.cloudflare.upbound.io_overrides.yaml b/package/crds/waf.cloudflare.upbound.io_overrides.yaml index 94bb60f..a200de6 100644 --- a/package/crds/waf.cloudflare.upbound.io_overrides.yaml +++ b/package/crds/waf.cloudflare.upbound.io_overrides.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: overrides.waf.cloudflare.upbound.io spec: group: waf.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Override is the Schema for the Overrides API. + description: Override is the Schema for the Overrides API. Provides a Cloudflare + WAF Override resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,29 +74,44 @@ spec: forProvider: properties: description: + description: Description of what the WAF override does. type: string groups: additionalProperties: type: string + description: Similar to rules; which WAF groups you want to alter. type: object + x-kubernetes-map-type: granular paused: + description: Whether this package is currently paused. type: boolean priority: + description: Relative priority of this configuration when multiple + configurations match a single URL. type: number rewriteAction: additionalProperties: type: string + description: When a WAF rule matches, substitute its configured + action for a different action specified by this definition. type: object + x-kubernetes-map-type: granular rules: additionalProperties: type: string + description: A list of WAF rule ID to rule action you intend to + apply. type: object + x-kubernetes-map-type: granular urls: + description: An array of URLs to apply the WAF override to. items: type: string type: array zoneId: - description: The zone identifier to target for the resource. + description: |- + The DNS zone to which the WAF override condition should be added. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -99,21 +124,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -126,8 +151,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -140,72 +166,190 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - urls type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + description: + description: Description of what the WAF override does. type: string - policy: - description: Policies for referencing. + groups: + additionalProperties: + type: string + description: Similar to rules; which WAF groups you want to alter. + type: object + x-kubernetes-map-type: granular + paused: + description: Whether this package is currently paused. + type: boolean + priority: + description: Relative priority of this configuration when multiple + configurations match a single URL. + type: number + rewriteAction: + additionalProperties: + type: string + description: When a WAF rule matches, substitute its configured + action for a different action specified by this definition. + type: object + x-kubernetes-map-type: granular + rules: + additionalProperties: + type: string + description: A list of WAF rule ID to rule action you intend to + apply. + type: object + x-kubernetes-map-type: granular + urls: + description: An array of URLs to apply the WAF override to. + items: + type: string + type: array + zoneId: + description: |- + The DNS zone to which the WAF override condition should be added. + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -215,21 +359,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -239,17 +383,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -259,21 +405,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -288,21 +434,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -313,14 +460,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -335,15 +483,60 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.urls is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.urls) + || (has(self.initProvider) && has(self.initProvider.urls))' status: description: OverrideStatus defines the observed state of Override. properties: atProvider: properties: + description: + description: Description of what the WAF override does. + type: string + groups: + additionalProperties: + type: string + description: Similar to rules; which WAF groups you want to alter. + type: object + x-kubernetes-map-type: granular id: type: string overrideId: type: string + paused: + description: Whether this package is currently paused. + type: boolean + priority: + description: Relative priority of this configuration when multiple + configurations match a single URL. + type: number + rewriteAction: + additionalProperties: + type: string + description: When a WAF rule matches, substitute its configured + action for a different action specified by this definition. + type: object + x-kubernetes-map-type: granular + rules: + additionalProperties: + type: string + description: A list of WAF rule ID to rule action you intend to + apply. + type: object + x-kubernetes-map-type: granular + urls: + description: An array of URLs to apply the WAF override to. + items: + type: string + type: array + zoneId: + description: |- + The DNS zone to which the WAF override condition should be added. + The zone identifier to target for the resource. + type: string type: object conditions: description: Conditions of the resource. @@ -351,13 +544,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -368,8 +563,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -378,6 +574,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -386,9 +585,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waf.cloudflare.upbound.io_rules.yaml b/package/crds/waf.cloudflare.upbound.io_rules.yaml index 3049833..95fc35b 100644 --- a/package/crds/waf.cloudflare.upbound.io_rules.yaml +++ b/package/crds/waf.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.waf.cloudflare.upbound.io spec: group: waf.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rule is the Schema for the Rules API. + description: Rule is the Schema for the Rules API. Provides a Cloudflare WAF + rule resource for a particular zone. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,13 +74,21 @@ spec: forProvider: properties: mode: + description: The mode of the rule, can be one of ["block", "challenge", + "default", "disable", "simulate"] or ["on", "off"] depending + on the WAF Rule type. type: string packageId: + description: The ID of the WAF Rule Package that contains the + rule. type: string ruleId: + description: The WAF Rule ID. type: string zoneId: - description: The zone identifier to target for the resource. + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -83,21 +101,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -110,8 +128,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -124,73 +143,167 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - mode - - ruleId type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + mode: + description: The mode of the rule, can be one of ["block", "challenge", + "default", "disable", "simulate"] or ["on", "off"] depending + on the WAF Rule type. type: string - policy: - description: Policies for referencing. + packageId: + description: The ID of the WAF Rule Package that contains the + rule. + type: string + ruleId: + description: The WAF Rule ID. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -200,21 +313,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -224,17 +337,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -244,21 +359,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -273,21 +388,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -298,14 +414,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -320,14 +437,42 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.mode is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.mode) + || (has(self.initProvider) && has(self.initProvider.mode))' + - message: spec.forProvider.ruleId is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.ruleId) + || (has(self.initProvider) && has(self.initProvider.ruleId))' status: description: RuleStatus defines the observed state of Rule. properties: atProvider: properties: groupId: + description: The ID of the WAF Rule Group that contains the rule. type: string id: + description: The WAF Rule ID, the same as rule_id. + type: string + mode: + description: The mode of the rule, can be one of ["block", "challenge", + "default", "disable", "simulate"] or ["on", "off"] depending + on the WAF Rule type. + type: string + packageId: + description: The ID of the WAF Rule Package that contains the + rule. + type: string + ruleId: + description: The WAF Rule ID. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. type: string type: object conditions: @@ -336,13 +481,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -353,8 +500,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -363,6 +511,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -371,9 +522,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waf.cloudflare.upbound.io_wafpackages.yaml b/package/crds/waf.cloudflare.upbound.io_wafpackages.yaml index 9f7a8d1..0aafa79 100644 --- a/package/crds/waf.cloudflare.upbound.io_wafpackages.yaml +++ b/package/crds/waf.cloudflare.upbound.io_wafpackages.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: wafpackages.waf.cloudflare.upbound.io spec: group: waf.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: WAFPackage is the Schema for the WAFPackages API. + description: WAFPackage is the Schema for the WAFPackages API. Provides a + Cloudflare WAF rule package resource for a particular zone. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,18 +74,24 @@ spec: forProvider: properties: actionMode: - description: Defaults to `challenge`. + description: |- + The action mode of the package, can be one of ["block", "challenge", "simulate"]. + Defaults to `challenge`. type: string packageId: - description: '**Modifying this attribute will force creation of - a new resource.**' + description: |- + The WAF Package ID. + **Modifying this attribute will force creation of a new resource.** type: string sensitivity: - description: Defaults to `high`. + description: |- + The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. + Defaults to `high`. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -88,21 +104,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -115,8 +131,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -129,72 +146,170 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - packageId type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + actionMode: + description: |- + The action mode of the package, can be one of ["block", "challenge", "simulate"]. + Defaults to `challenge`. type: string - policy: - description: Policies for referencing. + packageId: + description: |- + The WAF Package ID. + **Modifying this attribute will force creation of a new resource.** + type: string + sensitivity: + description: |- + The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. + Defaults to `high`. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -204,21 +319,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -228,17 +343,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -248,21 +365,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -277,21 +394,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -302,14 +420,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -324,12 +443,38 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.packageId is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.packageId) + || (has(self.initProvider) && has(self.initProvider.packageId))' status: description: WAFPackageStatus defines the observed state of WAFPackage. properties: atProvider: properties: + actionMode: + description: |- + The action mode of the package, can be one of ["block", "challenge", "simulate"]. + Defaults to `challenge`. + type: string id: + description: The WAF Package ID, the same as package_id. + type: string + packageId: + description: |- + The WAF Package ID. + **Modifying this attribute will force creation of a new resource.** + type: string + sensitivity: + description: |- + The sensitivity of the package, can be one of ["high", "medium", "low", "off"]. + Defaults to `high`. + type: string + zoneId: + description: |- + The DNS zone ID to apply to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -338,13 +483,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -355,8 +502,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -365,6 +513,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -373,9 +524,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waitingroom.cloudflare.upbound.io_events.yaml b/package/crds/waitingroom.cloudflare.upbound.io_events.yaml index 9d5dc02..b07fa41 100644 --- a/package/crds/waitingroom.cloudflare.upbound.io_events.yaml +++ b/package/crds/waitingroom.cloudflare.upbound.io_events.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: events.waitingroom.cloudflare.upbound.io spec: group: waitingroom.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Event is the Schema for the Events API. + description: Event is the Schema for the Events API. Provides a Cloudflare + Waiting Room Event resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,63 +74,74 @@ spec: forProvider: properties: customPageHtml: - description: This is a templated html file that will be rendered - at the edge. + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. type: string description: - description: A description to let users add more details about - the event. + description: |- + (String) A description to let users add more details about the event. + A description to let users add more details about the event. type: string disableSessionRenewal: - description: Disables automatic renewal of session cookies. + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. type: boolean eventEndTime: - description: ISO 8601 timestamp that marks the end of the event. - **Modifying this attribute will force creation of a new resource.** + description: |- + (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** type: string eventStartTime: - description: ISO 8601 timestamp that marks the start of the event. - Must occur at least 1 minute before `event_end_time`. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** type: string name: - description: A unique name to identify the event. Only alphanumeric - characters, hyphens, and underscores are allowed. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** type: string newUsersPerMinute: - description: The number of new users that will be let into the - route every minute. + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. type: number prequeueStartTime: - description: ISO 8601 timestamp that marks when to begin queueing - all users before the event starts. Must occur at least 5 minutes - before `event_start_time`. + description: |- + (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. type: string queueingMethod: - description: 'The queueing method used by the waiting room. Available - values: `fifo`, `random`, `passthrough`, `reject`.' + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. type: string sessionDuration: - description: Lifetime of a cookie (in minutes) set by Cloudflare - for users who get access to the origin. + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. type: number shuffleAtEventStart: - description: Users in the prequeue will be shuffled randomly at - the `event_start_time`. Requires that `prequeue_start_time` - is not null. Defaults to `false`. + description: |- + (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. type: boolean suspended: - description: If suspended, the event is ignored and traffic will - be handled based on the waiting room configuration. + description: |- + (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. type: boolean totalActiveUsers: - description: The total number of active user sessions on the route - at a point in time. + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. type: number waitingRoomId: - description: The Waiting Room ID the event should apply to. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** type: string waitingRoomIdRef: description: Reference to a Room to populate waitingRoomId. @@ -133,21 +154,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -160,8 +181,9 @@ spec: description: Selector for a Room to populate waitingRoomId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -174,21 +196,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -196,8 +218,9 @@ spec: type: object type: object zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -210,21 +233,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -237,8 +260,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -251,74 +275,299 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - eventEndTime - - eventStartTime - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + customPageHtml: + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. + type: string + description: + description: |- + (String) A description to let users add more details about the event. + A description to let users add more details about the event. + type: string + disableSessionRenewal: + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. + type: boolean + eventEndTime: + description: |- + (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** + type: string + eventStartTime: + description: |- + (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** + type: string name: - description: Name of the referenced object. + description: |- + (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + newUsersPerMinute: + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. + type: number + prequeueStartTime: + description: |- + (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. + type: string + queueingMethod: + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. + type: string + sessionDuration: + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + type: number + shuffleAtEventStart: + description: |- + (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. + type: boolean + suspended: + description: |- + (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + type: boolean + totalActiveUsers: + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. + type: number + waitingRoomId: + description: |- + (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** + type: string + waitingRoomIdRef: + description: Reference to a Room to populate waitingRoomId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + waitingRoomIdSelector: + description: Selector for a Room to populate waitingRoomId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -328,21 +577,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -352,17 +601,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -372,21 +623,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -401,21 +652,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -426,14 +678,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -448,18 +701,111 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.eventEndTime is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.eventEndTime) + || (has(self.initProvider) && has(self.initProvider.eventEndTime))' + - message: spec.forProvider.eventStartTime is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.eventStartTime) + || (has(self.initProvider) && has(self.initProvider.eventStartTime))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: EventStatus defines the observed state of Event. properties: atProvider: properties: createdOn: - description: Creation time. + description: |- + (String) Creation time. + Creation time. + type: string + customPageHtml: + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. + type: string + description: + description: |- + (String) A description to let users add more details about the event. + A description to let users add more details about the event. + type: string + disableSessionRenewal: + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. + type: boolean + eventEndTime: + description: |- + (String) ISO 8601 timestamp that marks the end of the event. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the end of the event. **Modifying this attribute will force creation of a new resource.** + type: string + eventStartTime: + description: |- + (String) ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before event_end_time. Modifying this attribute will force creation of a new resource. + ISO 8601 timestamp that marks the start of the event. Must occur at least 1 minute before `event_end_time`. **Modifying this attribute will force creation of a new resource.** type: string id: + description: (String) The ID of this resource. type: string modifiedOn: - description: Last modified time. + description: |- + (String) Last modified time. + Last modified time. + type: string + name: + description: |- + (String) A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. Modifying this attribute will force creation of a new resource. + A unique name to identify the event. Only alphanumeric characters, hyphens, and underscores are allowed. **Modifying this attribute will force creation of a new resource.** + type: string + newUsersPerMinute: + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. + type: number + prequeueStartTime: + description: |- + (String) ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before event_start_time. + ISO 8601 timestamp that marks when to begin queueing all users before the event starts. Must occur at least 5 minutes before `event_start_time`. + type: string + queueingMethod: + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. + type: string + sessionDuration: + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. + type: number + shuffleAtEventStart: + description: |- + (Boolean) Users in the prequeue will be shuffled randomly at the event_start_time. Requires that prequeue_start_time is not null. Defaults to false. + Users in the prequeue will be shuffled randomly at the `event_start_time`. Requires that `prequeue_start_time` is not null. Defaults to `false`. + type: boolean + suspended: + description: |- + (Boolean) If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + If suspended, the event is ignored and traffic will be handled based on the waiting room configuration. + type: boolean + totalActiveUsers: + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. + type: number + waitingRoomId: + description: |- + (String) The Waiting Room ID the event should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the event should apply to. **Modifying this attribute will force creation of a new resource.** + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -468,13 +814,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -485,8 +833,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -495,6 +844,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -503,9 +855,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waitingroom.cloudflare.upbound.io_rooms.yaml b/package/crds/waitingroom.cloudflare.upbound.io_rooms.yaml index 2d0a064..4b74d7b 100644 --- a/package/crds/waitingroom.cloudflare.upbound.io_rooms.yaml +++ b/package/crds/waitingroom.cloudflare.upbound.io_rooms.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rooms.waitingroom.cloudflare.upbound.io spec: group: waitingroom.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Room is the Schema for the Rooms API. + description: Room is the Schema for the Rooms API. Provides a Cloudflare Waiting + Room resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,65 +74,79 @@ spec: forProvider: properties: customPageHtml: - description: This is a templated html file that will be rendered - at the edge. + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. type: string defaultTemplateLanguage: - description: 'The language to use for the default waiting room - page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, - `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, - `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`.' + description: |- + DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. + The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. type: string description: - description: A description to add more details about the waiting - room. + description: |- + (String) A description to add more details about the waiting room. + A description to add more details about the waiting room. type: string disableSessionRenewal: - description: Disables automatic renewal of session cookies. + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. type: boolean host: - description: Host name for which the waiting room will be applied - (no wildcards). + description: |- + (String) Host name for which the waiting room will be applied (no wildcards). + Host name for which the waiting room will be applied (no wildcards). type: string jsonResponseEnabled: - description: 'If true, requests to the waiting room with the header - `Accept: application/json` will receive a JSON response object.' + description: |- + (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. + If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. type: boolean name: - description: A unique name to identify the waiting room. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** type: string newUsersPerMinute: - description: The number of new users that will be let into the - route every minute. + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. type: number path: - description: The path within the host to enable the waiting room - on. Defaults to `/`. + description: |- + (String) The path within the host to enable the waiting room on. Defaults to /. + The path within the host to enable the waiting room on. Defaults to `/`. type: string queueAll: - description: If queue_all is true, then all traffic will be sent - to the waiting room. + description: |- + (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + If queue_all is true, then all traffic will be sent to the waiting room. type: boolean queueingMethod: - description: 'The queueing method used by the waiting room. Available - values: `fifo`, `random`, `passthrough`, `reject`. Defaults - to `fifo`.' + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. type: string sessionDuration: - description: Lifetime of a cookie (in minutes) set by Cloudflare - for users who get access to the origin. Defaults to `5`. + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. type: number suspended: - description: Suspends the waiting room. + description: |- + (Boolean) Suspends the waiting room. + Suspends the waiting room. type: boolean totalActiveUsers: - description: The total number of active user sessions on the route - at a point in time. + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. type: number zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -135,21 +159,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -162,8 +186,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -176,75 +201,225 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - host - - name - - newUsersPerMinute - - totalActiveUsers type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + customPageHtml: + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. + type: string + defaultTemplateLanguage: + description: |- + DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. + The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. + type: string + description: + description: |- + (String) A description to add more details about the waiting room. + A description to add more details about the waiting room. + type: string + disableSessionRenewal: + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. + type: boolean + host: + description: |- + (String) Host name for which the waiting room will be applied (no wildcards). + Host name for which the waiting room will be applied (no wildcards). + type: string + jsonResponseEnabled: + description: |- + (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. + If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. + type: boolean name: - description: Name of the referenced object. + description: |- + (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + newUsersPerMinute: + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. + type: number + path: + description: |- + (String) The path within the host to enable the waiting room on. Defaults to /. + The path within the host to enable the waiting room on. Defaults to `/`. + type: string + queueAll: + description: |- + (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + If queue_all is true, then all traffic will be sent to the waiting room. + type: boolean + queueingMethod: + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. + type: string + sessionDuration: + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. + type: number + suspended: + description: |- + (Boolean) Suspends the waiting room. + Suspends the waiting room. + type: boolean + totalActiveUsers: + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. + type: number + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -254,21 +429,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -278,17 +453,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -298,21 +475,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -327,21 +504,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -352,14 +530,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -374,12 +553,105 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.host is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.host) + || (has(self.initProvider) && has(self.initProvider.host))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.newUsersPerMinute is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.newUsersPerMinute) + || (has(self.initProvider) && has(self.initProvider.newUsersPerMinute))' + - message: spec.forProvider.totalActiveUsers is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.totalActiveUsers) + || (has(self.initProvider) && has(self.initProvider.totalActiveUsers))' status: description: RoomStatus defines the observed state of Room. properties: atProvider: properties: + customPageHtml: + description: |- + (String) This is a templated html file that will be rendered at the edge. + This is a templated html file that will be rendered at the edge. + type: string + defaultTemplateLanguage: + description: |- + DE, es-ES, en-US, fr-FR, id-ID, it-IT, ja-JP, ko-KR, nl-NL, pl-PL, pt-BR, tr-TR, zh-CN, zh-TW. Defaults to en-US. + The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`. Defaults to `en-US`. + type: string + description: + description: |- + (String) A description to add more details about the waiting room. + A description to add more details about the waiting room. + type: string + disableSessionRenewal: + description: |- + (Boolean) Disables automatic renewal of session cookies. + Disables automatic renewal of session cookies. + type: boolean + host: + description: |- + (String) Host name for which the waiting room will be applied (no wildcards). + Host name for which the waiting room will be applied (no wildcards). + type: string id: + description: (String) The ID of this resource. + type: string + jsonResponseEnabled: + description: |- + (Boolean) If true, requests to the waiting room with the header Accept: application/json will receive a JSON response object. + If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. + type: boolean + name: + description: |- + (String) A unique name to identify the waiting room. Modifying this attribute will force creation of a new resource. + A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** + type: string + newUsersPerMinute: + description: |- + (Number) The number of new users that will be let into the route every minute. + The number of new users that will be let into the route every minute. + type: number + path: + description: |- + (String) The path within the host to enable the waiting room on. Defaults to /. + The path within the host to enable the waiting room on. Defaults to `/`. + type: string + queueAll: + description: |- + (Boolean) If queue_all is true, then all traffic will be sent to the waiting room. + If queue_all is true, then all traffic will be sent to the waiting room. + type: boolean + queueingMethod: + description: |- + (String) The queueing method used by the waiting room. Available values: fifo, random, passthrough, reject. Defaults to fifo. + The queueing method used by the waiting room. Available values: `fifo`, `random`, `passthrough`, `reject`. Defaults to `fifo`. + type: string + sessionDuration: + description: |- + (Number) Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to 5. + Lifetime of a cookie (in minutes) set by Cloudflare for users who get access to the origin. Defaults to `5`. + type: number + suspended: + description: |- + (Boolean) Suspends the waiting room. + Suspends the waiting room. + type: boolean + totalActiveUsers: + description: |- + (Number) The total number of active user sessions on the route at a point in time. + The total number of active user sessions on the route at a point in time. + type: number + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -388,13 +660,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -405,8 +679,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -415,6 +690,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -423,9 +701,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/waitingroom.cloudflare.upbound.io_rules.yaml b/package/crds/waitingroom.cloudflare.upbound.io_rules.yaml index a67fd17..5d6a89f 100644 --- a/package/crds/waitingroom.cloudflare.upbound.io_rules.yaml +++ b/package/crds/waitingroom.cloudflare.upbound.io_rules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: rules.waitingroom.cloudflare.upbound.io spec: group: waitingroom.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Rules is the Schema for the Ruless API. + description: Rules is the Schema for the Ruless API. Provides a Cloudflare + Waiting Room Rules resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,35 +74,37 @@ spec: forProvider: properties: rules: - description: List of rules to apply to the ruleset. + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. items: properties: action: - description: 'Action to perform in the ruleset rule. Available - values: `bypass_waiting_room`.' + description: |- + (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. + Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. type: string description: - description: Brief summary of the waiting room rule and - its intended use. + description: |- + (String) Brief summary of the waiting room rule and its intended use. + Brief summary of the waiting room rule and its intended use. type: string expression: - description: Criteria for an HTTP request to trigger the - waiting room rule action. Uses the Firewall Rules expression - language based on Wireshark display filters. Refer to - the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). + description: |- + (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). type: string status: - description: 'Whether the rule is enabled or disabled. Available - values: `enabled`, `disabled`.' + description: |- + (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. + Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. type: string - required: - - action - - expression type: object type: array waitingRoomId: - description: The Waiting Room ID the rules should apply to. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** type: string waitingRoomIdRef: description: Reference to a Room to populate waitingRoomId. @@ -105,21 +117,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -132,8 +144,9 @@ spec: description: Selector for a Room to populate waitingRoomId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -146,21 +159,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -168,8 +181,9 @@ spec: type: object type: object zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -182,21 +196,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -209,8 +223,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -223,21 +238,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -245,48 +260,240 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + rules: + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. + items: + properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. + Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. + type: string + description: + description: |- + (String) Brief summary of the waiting room rule and its intended use. + Brief summary of the waiting room rule and its intended use. + type: string + expression: + description: |- + (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). + type: string + status: + description: |- + (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. + Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. + type: string + type: object + type: array + waitingRoomId: + description: |- + (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + waitingRoomIdRef: + description: Reference to a Room to populate waitingRoomId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + waitingRoomIdSelector: + description: Selector for a Room to populate waitingRoomId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -296,21 +503,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -320,17 +527,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -340,21 +549,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -369,21 +578,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -394,14 +604,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -422,19 +633,56 @@ spec: atProvider: properties: id: + description: (String) The ID of this resource. type: string rules: - description: List of rules to apply to the ruleset. + description: |- + (Block List) List of rules to apply to the ruleset. (see below for nested schema) + List of rules to apply to the ruleset. items: properties: + action: + description: |- + (String) Action to perform in the ruleset rule. Available values: bypass_waiting_room. + Action to perform in the ruleset rule. Available values: `bypass_waiting_room`. + type: string + description: + description: |- + (String) Brief summary of the waiting room rule and its intended use. + Brief summary of the waiting room rule and its intended use. + type: string + expression: + description: |- + (String) Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Waiting Room Rules Docs. + Criteria for an HTTP request to trigger the waiting room rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Waiting Room Rules Docs](https://developers.cloudflare.com/waiting-room/additional-options/waiting-room-rules/bypass-rules/). + type: string id: - description: Unique rule identifier. + description: |- + (String) The ID of this resource. + Unique rule identifier. + type: string + status: + description: |- + (String) Whether the rule is enabled or disabled. Available values: enabled, disabled. + Whether the rule is enabled or disabled. Available values: `enabled`, `disabled`. type: string version: - description: Version of the waiting room rule. + description: |- + (String) Version of the waiting room rule. + Version of the waiting room rule. type: string type: object type: array + waitingRoomId: + description: |- + (String) The Waiting Room ID the rules should apply to. Modifying this attribute will force creation of a new resource. + The Waiting Room ID the rules should apply to. **Modifying this attribute will force creation of a new resource.** + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -442,13 +690,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -459,8 +709,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -469,6 +720,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -477,9 +731,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_devicepolicycertificates.yaml b/package/crds/warp.cloudflare.upbound.io_devicepolicycertificates.yaml index 4eab325..20765d8 100644 --- a/package/crds/warp.cloudflare.upbound.io_devicepolicycertificates.yaml +++ b/package/crds/warp.cloudflare.upbound.io_devicepolicycertificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: devicepolicycertificates.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: DevicePolicyCertificates is the Schema for the DevicePolicyCertificatess - API. + API. Provides a Cloudflare Device Policy Certificates resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -66,9 +75,12 @@ spec: forProvider: properties: enabled: + description: True if certificate generation is enabled. type: boolean zoneId: - description: The zone identifier to target for the resource. + description: |- + The zone ID where certificate generation is allowed. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -81,21 +93,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -108,8 +120,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -122,72 +135,158 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - enabled type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + enabled: + description: True if certificate generation is enabled. + type: boolean + zoneId: + description: |- + The zone ID where certificate generation is allowed. + The zone identifier to target for the resource. type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -197,21 +296,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -221,17 +320,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -241,21 +342,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -270,21 +371,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -295,14 +397,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -317,13 +420,27 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' status: description: DevicePolicyCertificatesStatus defines the observed state of DevicePolicyCertificates. properties: atProvider: properties: + enabled: + description: True if certificate generation is enabled. + type: boolean id: + description: ID of the device policy certificates setting. + type: string + zoneId: + description: |- + The zone ID where certificate generation is allowed. + The zone identifier to target for the resource. type: string type: object conditions: @@ -332,13 +449,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -349,8 +468,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -359,6 +479,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -367,9 +490,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_devicepostureintegrations.yaml b/package/crds/warp.cloudflare.upbound.io_devicepostureintegrations.yaml index cc7badb..da0c36f 100644 --- a/package/crds/warp.cloudflare.upbound.io_devicepostureintegrations.yaml +++ b/package/crds/warp.cloudflare.upbound.io_devicepostureintegrations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: devicepostureintegrations.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: DevicePostureIntegration is the Schema for the DevicePostureIntegrations - API. + API. Provides a Cloudflare Device Posture Integration resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -66,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + The account to which the device posture integration should be added. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -79,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -106,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -120,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -142,17 +154,22 @@ spec: type: object type: object config: + description: The device posture integration's connection authorization + parameters. items: properties: apiUrl: + description: The third-party API's URL. type: string authUrl: + description: The third-party authorization API URL. type: string clientId: + description: The client identifier for authenticating API + calls. type: string clientKeySecretRef: - description: A SecretKeySelector is a reference to a secret - key in an arbitrary namespace. + description: The client key for authenticating API calls. properties: key: description: The key to select. @@ -169,8 +186,7 @@ spec: - namespace type: object clientSecretSecretRef: - description: A SecretKeySelector is a reference to a secret - key in an arbitrary namespace. + description: The client secret for authenticating API calls. properties: key: description: The key to select. @@ -187,63 +203,188 @@ spec: - namespace type: object customerId: + description: The customer identifier for authenticating + API calls. type: string type: object type: array identifier: type: string interval: + description: |- + Indicates the frequency with which to poll the third-party API. + Must be in the format "1h" or "30m". Valid units are h and m. type: string name: + description: Name of the device posture integration. type: string type: + description: The device posture integration type. Valid values + are workspace_one. type: string - required: - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + The account to which the device posture integration should be added. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + config: + description: The device posture integration's connection authorization + parameters. + items: + properties: + apiUrl: + description: The third-party API's URL. + type: string + authUrl: + description: The third-party authorization API URL. + type: string + clientId: + description: The client identifier for authenticating API + calls. + type: string + customerId: + description: The customer identifier for authenticating + API calls. + type: string + type: object + type: array + identifier: + type: string + interval: + description: |- + Indicates the frequency with which to poll the third-party API. + Must be in the format "1h" or "30m". Valid units are h and m. + type: string + name: + description: Name of the device posture integration. + type: string + type: + description: The device posture integration type. Valid values + are workspace_one. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -253,21 +394,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -277,17 +418,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -297,21 +440,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -326,21 +469,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -351,14 +495,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -373,13 +518,63 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: DevicePostureIntegrationStatus defines the observed state of DevicePostureIntegration. properties: atProvider: properties: + accountId: + description: |- + The account to which the device posture integration should be added. + The account identifier to target for the resource. + type: string + config: + description: The device posture integration's connection authorization + parameters. + items: + properties: + apiUrl: + description: The third-party API's URL. + type: string + authUrl: + description: The third-party authorization API URL. + type: string + clientId: + description: The client identifier for authenticating API + calls. + type: string + customerId: + description: The customer identifier for authenticating + API calls. + type: string + type: object + type: array id: + description: ID of the device posture integration. + type: string + identifier: + type: string + interval: + description: |- + Indicates the frequency with which to poll the third-party API. + Must be in the format "1h" or "30m". Valid units are h and m. + type: string + name: + description: Name of the device posture integration. + type: string + type: + description: The device posture integration type. Valid values + are workspace_one. type: string type: object conditions: @@ -388,13 +583,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -405,8 +602,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -415,6 +613,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -423,9 +624,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_deviceposturerules.yaml b/package/crds/warp.cloudflare.upbound.io_deviceposturerules.yaml index 82cd6c7..23ba97b 100644 --- a/package/crds/warp.cloudflare.upbound.io_deviceposturerules.yaml +++ b/package/crds/warp.cloudflare.upbound.io_deviceposturerules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: deviceposturerules.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -36,17 +35,23 @@ spec: schema: openAPIV3Schema: description: DevicePostureRule is the Schema for the DevicePostureRules API. - + Provides a Cloudflare Device Posture Rule resource. Device posture rules + configure security policies for device posture checks. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,133 +154,367 @@ spec: type: object type: object description: + description: (String) type: string expiration: - description: Expire posture results after the specified amount - of time. Must be in the format `1h` or `30m`. Valid units are - `h` and `m`. + description: |- + (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. type: string input: + description: (Block List) (see below for nested schema) items: properties: complianceStatus: - description: The workspace one device compliance status. + description: |- + (String) The workspace one device compliance status. + The workspace one device compliance status. type: string connectionId: - description: The workspace one connection id. + description: |- + (String) The workspace one connection id. + The workspace one connection id. type: string domain: - description: The domain that the client must join. + description: |- + (String) The domain that the client must join. + The domain that the client must join. type: string enabled: - description: True if the firewall must be enabled. + description: |- + (Boolean) True if the firewall must be enabled. + True if the firewall must be enabled. type: boolean exists: - description: Checks if the file should exist. + description: |- + (Boolean) Checks if the file should exist. + Checks if the file should exist. type: boolean id: - description: The Teams List id. + description: |- + (String) The ID of this resource. + The Teams List id. type: string operator: - description: The version comparison operator. + description: |- + (String) The version comparison operator. + The version comparison operator. type: string osDistroName: - description: The operating system excluding version information. + description: |- + (String) The operating system excluding version information. + The operating system excluding version information. type: string osDistroRevision: - description: The operating system version excluding OS name - information or release name. + description: |- + (String) The operating system version excluding OS name information or release name. + The operating system version excluding OS name information or release name. type: string path: - description: The path to the file. + description: |- + (String) The path to the file. + The path to the file. type: string requireAll: - description: True if all drives must be encrypted. + description: |- + (Boolean) True if all drives must be encrypted. + True if all drives must be encrypted. type: boolean running: - description: Checks if the application should be running. + description: |- + (Boolean) Checks if the application should be running. + Checks if the application should be running. type: boolean sha256: - description: The sha256 hash of the file. + description: |- + (String) The sha256 hash of the file. + The sha256 hash of the file. type: string thumbprint: - description: The thumbprint of the file certificate. + description: |- + (String) The thumbprint of the file certificate. + The thumbprint of the file certificate. type: string version: - description: The operating system semantic version. + description: |- + (String) The operating system semantic version. + The operating system semantic version. type: string type: object type: array match: - description: The conditions that the client must match to run - the rule. + description: |- + (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + The conditions that the client must match to run the rule. items: properties: platform: - description: 'The platform of the device. Available values: - `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`.' + description: |- + (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. + The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. type: string type: object type: array name: - description: Name of the device posture rule. + description: |- + (String) Name of the device posture rule. + Name of the device posture rule. type: string schedule: - description: Tells the client when to run the device posture check. - Must be in the format `1h` or `30m`. Valid units are `h` and - `m`. + description: |- + (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. type: string type: - description: 'The device posture rule type. Available values: - `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, - `os_version`, `disk_encryption`, `firewall`, `workspace_one`, - `unique_client_id`.' + description: |- + (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. type: string - required: - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + description: + description: (String) + type: string + expiration: + description: |- + (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + type: string + input: + description: (Block List) (see below for nested schema) + items: + properties: + complianceStatus: + description: |- + (String) The workspace one device compliance status. + The workspace one device compliance status. + type: string + connectionId: + description: |- + (String) The workspace one connection id. + The workspace one connection id. + type: string + domain: + description: |- + (String) The domain that the client must join. + The domain that the client must join. + type: string + enabled: + description: |- + (Boolean) True if the firewall must be enabled. + True if the firewall must be enabled. + type: boolean + exists: + description: |- + (Boolean) Checks if the file should exist. + Checks if the file should exist. + type: boolean + id: + description: |- + (String) The ID of this resource. + The Teams List id. + type: string + operator: + description: |- + (String) The version comparison operator. + The version comparison operator. + type: string + osDistroName: + description: |- + (String) The operating system excluding version information. + The operating system excluding version information. + type: string + osDistroRevision: + description: |- + (String) The operating system version excluding OS name information or release name. + The operating system version excluding OS name information or release name. + type: string + path: + description: |- + (String) The path to the file. + The path to the file. + type: string + requireAll: + description: |- + (Boolean) True if all drives must be encrypted. + True if all drives must be encrypted. + type: boolean + running: + description: |- + (Boolean) Checks if the application should be running. + Checks if the application should be running. + type: boolean + sha256: + description: |- + (String) The sha256 hash of the file. + The sha256 hash of the file. + type: string + thumbprint: + description: |- + (String) The thumbprint of the file certificate. + The thumbprint of the file certificate. + type: string + version: + description: |- + (String) The operating system semantic version. + The operating system semantic version. + type: string + type: object + type: array + match: + description: |- + (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + The conditions that the client must match to run the rule. + items: + properties: + platform: + description: |- + (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. + The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. + type: string + type: object + type: array + name: + description: |- + (String) Name of the device posture rule. + Name of the device posture rule. + type: string + schedule: + description: |- + (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + type: string + type: + description: |- + (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -277,21 +524,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -301,17 +548,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -321,21 +570,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -350,21 +599,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -375,14 +625,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -397,12 +648,140 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: DevicePostureRuleStatus defines the observed state of DevicePostureRule. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + description: + description: (String) + type: string + expiration: + description: |- + (String) Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m. + Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + type: string id: + description: (String) The ID of this resource. + type: string + input: + description: (Block List) (see below for nested schema) + items: + properties: + complianceStatus: + description: |- + (String) The workspace one device compliance status. + The workspace one device compliance status. + type: string + connectionId: + description: |- + (String) The workspace one connection id. + The workspace one connection id. + type: string + domain: + description: |- + (String) The domain that the client must join. + The domain that the client must join. + type: string + enabled: + description: |- + (Boolean) True if the firewall must be enabled. + True if the firewall must be enabled. + type: boolean + exists: + description: |- + (Boolean) Checks if the file should exist. + Checks if the file should exist. + type: boolean + id: + description: |- + (String) The ID of this resource. + The Teams List id. + type: string + operator: + description: |- + (String) The version comparison operator. + The version comparison operator. + type: string + osDistroName: + description: |- + (String) The operating system excluding version information. + The operating system excluding version information. + type: string + osDistroRevision: + description: |- + (String) The operating system version excluding OS name information or release name. + The operating system version excluding OS name information or release name. + type: string + path: + description: |- + (String) The path to the file. + The path to the file. + type: string + requireAll: + description: |- + (Boolean) True if all drives must be encrypted. + True if all drives must be encrypted. + type: boolean + running: + description: |- + (Boolean) Checks if the application should be running. + Checks if the application should be running. + type: boolean + sha256: + description: |- + (String) The sha256 hash of the file. + The sha256 hash of the file. + type: string + thumbprint: + description: |- + (String) The thumbprint of the file certificate. + The thumbprint of the file certificate. + type: string + version: + description: |- + (String) The operating system semantic version. + The operating system semantic version. + type: string + type: object + type: array + match: + description: |- + (Block List) The conditions that the client must match to run the rule. (see below for nested schema) + The conditions that the client must match to run the rule. + items: + properties: + platform: + description: |- + (String) The platform of the device. Available values: windows, mac, linux, android, ios, chromeos. + The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. + type: string + type: object + type: array + name: + description: |- + (String) Name of the device posture rule. + Name of the device posture rule. + type: string + schedule: + description: |- + (String) Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m. + Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. + type: string + type: + description: |- + (String) The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, workspace_one, unique_client_id. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `workspace_one`, `unique_client_id`. type: string type: object conditions: @@ -411,13 +790,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -428,8 +809,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -438,6 +820,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -446,9 +831,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_devicesettingspolicies.yaml b/package/crds/warp.cloudflare.upbound.io_devicesettingspolicies.yaml index f52e586..cc10fff 100644 --- a/package/crds/warp.cloudflare.upbound.io_devicesettingspolicies.yaml +++ b/package/crds/warp.cloudflare.upbound.io_devicesettingspolicies.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: devicesettingspolicies.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -36,17 +35,23 @@ spec: schema: openAPIV3Schema: description: DeviceSettingsPolicy is the Schema for the DeviceSettingsPolicys - API. + API. Provides a Cloudflare Device Settings Policy resource. Device policies + configure settings applied to WARP devices. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,104 +154,283 @@ spec: type: object type: object allowModeSwitch: - description: Whether to allow mode switch for this policy. + description: |- + (Boolean) Whether to allow mode switch for this policy. + Whether to allow mode switch for this policy. type: boolean allowUpdates: - description: Whether to allow updates under this policy. + description: |- + (Boolean) Whether to allow updates under this policy. + Whether to allow updates under this policy. type: boolean allowedToLeave: - description: Whether to allow devices to leave the organization. - Defaults to `true`. + description: |- + (Boolean) Whether to allow devices to leave the organization. Defaults to true. + Whether to allow devices to leave the organization. Defaults to `true`. type: boolean autoConnect: - description: The amount of time in minutes to reconnect after - having been disabled. + description: |- + (Number) The amount of time in minutes to reconnect after having been disabled. + The amount of time in minutes to reconnect after having been disabled. type: number captivePortal: - description: The captive portal value for this policy. Defaults - to `180`. + description: |- + (Number) The captive portal value for this policy. Defaults to 180. + The captive portal value for this policy. Defaults to `180`. type: number default: - description: Whether the policy refers to the default account - policy. + description: |- + (Boolean) Whether the policy refers to the default account policy. + Whether the policy refers to the default account policy. type: boolean disableAutoFallback: - description: Whether to disable auto fallback for this policy. + description: |- + (Boolean) Whether to disable auto fallback for this policy. + Whether to disable auto fallback for this policy. type: boolean enabled: - description: Whether the policy is enabled (cannot be set for - default policies). Defaults to `true`. + description: |- + (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. type: boolean match: - description: Wirefilter expression to match a device against when - evaluating whether this policy should take effect for that device. + description: |- + (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. type: string name: - description: Name of the policy. + description: |- + (String) Name of the policy. + Name of the policy. type: string precedence: - description: The precedence of the policy. Lower values indicate - higher precedence. + description: |- + (Number) The precedence of the policy. Lower values indicate higher precedence. + The precedence of the policy. Lower values indicate higher precedence. type: number serviceModeV2Mode: - description: The service mode. Defaults to `warp`. + description: |- + (String) The service mode. Defaults to warp. + The service mode. Defaults to `warp`. type: string serviceModeV2Port: - description: The port to use for the proxy service mode. Required - when using `service_mode_v2_mode`. + description: |- + (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. type: number supportUrl: - description: The support URL that will be opened when sending - feedback. + description: |- + (String) The support URL that will be opened when sending feedback. + The support URL that will be opened when sending feedback. type: string switchLocked: - description: Enablement of the ZT client switch lock. + description: |- + (Boolean) Enablement of the ZT client switch lock. + Enablement of the ZT client switch lock. type: boolean - required: - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + allowModeSwitch: + description: |- + (Boolean) Whether to allow mode switch for this policy. + Whether to allow mode switch for this policy. + type: boolean + allowUpdates: + description: |- + (Boolean) Whether to allow updates under this policy. + Whether to allow updates under this policy. + type: boolean + allowedToLeave: + description: |- + (Boolean) Whether to allow devices to leave the organization. Defaults to true. + Whether to allow devices to leave the organization. Defaults to `true`. + type: boolean + autoConnect: + description: |- + (Number) The amount of time in minutes to reconnect after having been disabled. + The amount of time in minutes to reconnect after having been disabled. + type: number + captivePortal: + description: |- + (Number) The captive portal value for this policy. Defaults to 180. + The captive portal value for this policy. Defaults to `180`. + type: number + default: + description: |- + (Boolean) Whether the policy refers to the default account policy. + Whether the policy refers to the default account policy. + type: boolean + disableAutoFallback: + description: |- + (Boolean) Whether to disable auto fallback for this policy. + Whether to disable auto fallback for this policy. + type: boolean + enabled: + description: |- + (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. + type: boolean + match: + description: |- + (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + type: string + name: + description: |- + (String) Name of the policy. + Name of the policy. + type: string + precedence: + description: |- + (Number) The precedence of the policy. Lower values indicate higher precedence. + The precedence of the policy. Lower values indicate higher precedence. + type: number + serviceModeV2Mode: + description: |- + (String) The service mode. Defaults to warp. + The service mode. Defaults to `warp`. + type: string + serviceModeV2Port: + description: |- + (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. + type: number + supportUrl: + description: |- + (String) The support URL that will be opened when sending feedback. + The support URL that will be opened when sending feedback. + type: string + switchLocked: + description: |- + (Boolean) Enablement of the ZT client switch lock. + Enablement of the ZT client switch lock. + type: boolean type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -248,21 +440,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -272,17 +464,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -292,21 +486,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -321,21 +515,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -346,14 +541,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -368,14 +564,100 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: DeviceSettingsPolicyStatus defines the observed state of DeviceSettingsPolicy. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + allowModeSwitch: + description: |- + (Boolean) Whether to allow mode switch for this policy. + Whether to allow mode switch for this policy. + type: boolean + allowUpdates: + description: |- + (Boolean) Whether to allow updates under this policy. + Whether to allow updates under this policy. + type: boolean + allowedToLeave: + description: |- + (Boolean) Whether to allow devices to leave the organization. Defaults to true. + Whether to allow devices to leave the organization. Defaults to `true`. + type: boolean + autoConnect: + description: |- + (Number) The amount of time in minutes to reconnect after having been disabled. + The amount of time in minutes to reconnect after having been disabled. + type: number + captivePortal: + description: |- + (Number) The captive portal value for this policy. Defaults to 180. + The captive portal value for this policy. Defaults to `180`. + type: number + default: + description: |- + (Boolean) Whether the policy refers to the default account policy. + Whether the policy refers to the default account policy. + type: boolean + disableAutoFallback: + description: |- + (Boolean) Whether to disable auto fallback for this policy. + Whether to disable auto fallback for this policy. + type: boolean + enabled: + description: |- + (Boolean) Whether the policy is enabled (cannot be set for default policies). Defaults to true. + Whether the policy is enabled (cannot be set for default policies). Defaults to `true`. + type: boolean id: + description: (String) The ID of this resource. + type: string + match: + description: |- + (String) Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. + Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device. type: string + name: + description: |- + (String) Name of the policy. + Name of the policy. + type: string + precedence: + description: |- + (Number) The precedence of the policy. Lower values indicate higher precedence. + The precedence of the policy. Lower values indicate higher precedence. + type: number + serviceModeV2Mode: + description: |- + (String) The service mode. Defaults to warp. + The service mode. Defaults to `warp`. + type: string + serviceModeV2Port: + description: |- + (Number) The port to use for the proxy service mode. Required when using service_mode_v2_mode. + The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. + type: number + supportUrl: + description: |- + (String) The support URL that will be opened when sending feedback. + The support URL that will be opened when sending feedback. + type: string + switchLocked: + description: |- + (Boolean) Enablement of the ZT client switch lock. + Enablement of the ZT client switch lock. + type: boolean type: object conditions: description: Conditions of the resource. @@ -383,13 +665,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -400,8 +684,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -410,6 +695,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -418,9 +706,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_fallbackdomains.yaml b/package/crds/warp.cloudflare.upbound.io_fallbackdomains.yaml index c2f16d0..e23d500 100644 --- a/package/crds/warp.cloudflare.upbound.io_fallbackdomains.yaml +++ b/package/crds/warp.cloudflare.upbound.io_fallbackdomains.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: fallbackdomains.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -35,18 +34,26 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: FallbackDomain is the Schema for the FallbackDomains API. + description: FallbackDomain is the Schema for the FallbackDomains API. Provides + a Cloudflare Fallback Domain resource. Fallback domains are used to ignore + DNS requests to a given list of domains. These DNS requests will be passed + back to other DNS servers configured on existing network interfaces on the + device. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,7 +77,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -78,21 +92,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -105,8 +119,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -119,21 +134,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -141,25 +156,32 @@ spec: type: object type: object domains: + description: '(Block Set, Min: 1) (see below for nested schema)' items: properties: description: - description: A description of the fallback domain, displayed - in the client UI. + description: |- + (String) A description of the fallback domain, displayed in the client UI. + A description of the fallback domain, displayed in the client UI. type: string dnsServer: - description: A list of IP addresses to handle domain resolution. + description: |- + (List of String) A list of IP addresses to handle domain resolution. + A list of IP addresses to handle domain resolution. items: type: string type: array suffix: - description: The domain suffix to match when resolving locally. + description: |- + (String) The domain suffix to match when resolving locally. + The domain suffix to match when resolving locally. type: string type: object type: array policyId: - description: The settings policy for which to configure this fallback - domain policy. + description: |- + (String) The settings policy for which to configure this fallback domain policy. + The settings policy for which to configure this fallback domain policy. type: string policyIdRef: description: Reference to a DeviceSettingsPolicy to populate policyId. @@ -172,21 +194,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -199,8 +221,9 @@ spec: description: Selector for a DeviceSettingsPolicy to populate policyId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -213,72 +236,257 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - domains type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + domains: + description: '(Block Set, Min: 1) (see below for nested schema)' + items: + properties: + description: + description: |- + (String) A description of the fallback domain, displayed in the client UI. + A description of the fallback domain, displayed in the client UI. + type: string + dnsServer: + description: |- + (List of String) A list of IP addresses to handle domain resolution. + A list of IP addresses to handle domain resolution. + items: + type: string + type: array + suffix: + description: |- + (String) The domain suffix to match when resolving locally. + The domain suffix to match when resolving locally. + type: string + type: object + type: array + policyId: + description: |- + (String) The settings policy for which to configure this fallback domain policy. + The settings policy for which to configure this fallback domain policy. + type: string + policyIdRef: + description: Reference to a DeviceSettingsPolicy to populate policyId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + policyIdSelector: + description: Selector for a DeviceSettingsPolicy to populate policyId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -288,21 +496,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -312,17 +520,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -332,21 +542,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -361,21 +571,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -386,14 +597,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -408,12 +620,51 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.domains is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.domains) + || (has(self.initProvider) && has(self.initProvider.domains))' status: description: FallbackDomainStatus defines the observed state of FallbackDomain. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + domains: + description: '(Block Set, Min: 1) (see below for nested schema)' + items: + properties: + description: + description: |- + (String) A description of the fallback domain, displayed in the client UI. + A description of the fallback domain, displayed in the client UI. + type: string + dnsServer: + description: |- + (List of String) A list of IP addresses to handle domain resolution. + A list of IP addresses to handle domain resolution. + items: + type: string + type: array + suffix: + description: |- + (String) The domain suffix to match when resolving locally. + The domain suffix to match when resolving locally. + type: string + type: object + type: array id: + description: (String) The ID of this resource. + type: string + policyId: + description: |- + (String) The settings policy for which to configure this fallback domain policy. + The settings policy for which to configure this fallback domain policy. type: string type: object conditions: @@ -422,13 +673,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -439,8 +692,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -449,6 +703,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -457,9 +714,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/warp.cloudflare.upbound.io_splittunnels.yaml b/package/crds/warp.cloudflare.upbound.io_splittunnels.yaml index dafd7b1..211250e 100644 --- a/package/crds/warp.cloudflare.upbound.io_splittunnels.yaml +++ b/package/crds/warp.cloudflare.upbound.io_splittunnels.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: splittunnels.warp.cloudflare.upbound.io spec: group: warp.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: SplitTunnel is the Schema for the SplitTunnels API. + description: SplitTunnel is the Schema for the SplitTunnels API. Provides + a Cloudflare Split Tunnel resource. Split tunnels are used to either include + or exclude lists of routes from the WARP client's tunnel. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +75,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,12 +154,14 @@ spec: type: object type: object mode: - description: 'The mode of the split tunnel policy. Available values: - `include`, `exclude`.' + description: |- + (String) The mode of the split tunnel policy. Available values: include, exclude. + The mode of the split tunnel policy. Available values: `include`, `exclude`. type: string policyId: - description: The settings policy for which to configure this split - tunnel policy. + description: |- + (String) The settings policy for which to configure this split tunnel policy. + The settings policy for which to configure this split tunnel policy. type: string policyIdRef: description: Reference to a DeviceSettingsPolicy to populate policyId. @@ -158,21 +174,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -185,8 +201,9 @@ spec: description: Selector for a DeviceSettingsPolicy to populate policyId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -199,21 +216,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -221,66 +238,263 @@ spec: type: object type: object tunnels: - description: The value of the tunnel attributes. + description: |- + (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) + The value of the tunnel attributes. items: properties: address: - description: The address for the tunnel. + description: |- + (String) The address for the tunnel. + The address for the tunnel. type: string description: - description: A description for the tunnel. + description: |- + (String) A description for the tunnel. + A description for the tunnel. type: string host: - description: The domain name for the tunnel. + description: |- + (String) The domain name for the tunnel. + The domain name for the tunnel. type: string type: object type: array - required: - - mode - - tunnels type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + mode: + description: |- + (String) The mode of the split tunnel policy. Available values: include, exclude. + The mode of the split tunnel policy. Available values: `include`, `exclude`. + type: string + policyId: + description: |- + (String) The settings policy for which to configure this split tunnel policy. + The settings policy for which to configure this split tunnel policy. + type: string + policyIdRef: + description: Reference to a DeviceSettingsPolicy to populate policyId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + policyIdSelector: + description: Selector for a DeviceSettingsPolicy to populate policyId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + tunnels: + description: |- + (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) + The value of the tunnel attributes. + items: + properties: + address: + description: |- + (String) The address for the tunnel. + The address for the tunnel. + type: string + description: + description: |- + (String) A description for the tunnel. + A description for the tunnel. + type: string + host: + description: |- + (String) The domain name for the tunnel. + The domain name for the tunnel. + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -290,21 +504,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -314,17 +528,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -334,21 +550,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -363,21 +579,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -388,14 +605,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -410,13 +628,61 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.mode is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.mode) + || (has(self.initProvider) && has(self.initProvider.mode))' + - message: spec.forProvider.tunnels is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.tunnels) + || (has(self.initProvider) && has(self.initProvider.tunnels))' status: description: SplitTunnelStatus defines the observed state of SplitTunnel. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string id: + description: (String) The ID of this resource. + type: string + mode: + description: |- + (String) The mode of the split tunnel policy. Available values: include, exclude. + The mode of the split tunnel policy. Available values: `include`, `exclude`. + type: string + policyId: + description: |- + (String) The settings policy for which to configure this split tunnel policy. + The settings policy for which to configure this split tunnel policy. type: string + tunnels: + description: |- + (Block Set, Min: 1) The value of the tunnel attributes. (see below for nested schema) + The value of the tunnel attributes. + items: + properties: + address: + description: |- + (String) The address for the tunnel. + The address for the tunnel. + type: string + description: + description: |- + (String) A description for the tunnel. + A description for the tunnel. + type: string + host: + description: |- + (String) The domain name for the tunnel. + The domain name for the tunnel. + type: string + type: object + type: array type: object conditions: description: Conditions of the resource. @@ -424,13 +690,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -441,8 +709,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -451,6 +720,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -459,9 +731,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/web3.cloudflare.upbound.io_hostnames.yaml b/package/crds/web3.cloudflare.upbound.io_hostnames.yaml index 2a68d4d..529cadc 100644 --- a/package/crds/web3.cloudflare.upbound.io_hostnames.yaml +++ b/package/crds/web3.cloudflare.upbound.io_hostnames.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: hostnames.web3.cloudflare.upbound.io spec: group: web3.cloudflare.upbound.io @@ -38,14 +37,19 @@ spec: description: Hostname is the Schema for the Hostnames API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +58,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -90,21 +99,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -117,8 +126,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -131,73 +141,166 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name - - target type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + description: + description: An optional description of the hostname. + type: string + dnslink: + description: DNSLink value used if the target is ipfs. + type: string name: - description: Name of the referenced object. + description: The hostname that will point to the target gateway + via CNAME. type: string - policy: - description: Policies for referencing. + target: + description: Target gateway of the hostname. + type: string + zoneId: + description: The zone identifier to target for the resource. + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -207,21 +310,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -231,17 +334,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -251,21 +356,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -280,21 +385,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -305,14 +411,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -327,6 +434,15 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.target is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.target) + || (has(self.initProvider) && has(self.initProvider.target))' status: description: HostnameStatus defines the observed state of Hostname. properties: @@ -335,14 +451,30 @@ spec: createdOn: description: Creation time. type: string + description: + description: An optional description of the hostname. + type: string + dnslink: + description: DNSLink value used if the target is ipfs. + type: string id: type: string modifiedOn: description: Last modification time. type: string + name: + description: The hostname that will point to the target gateway + via CNAME. + type: string status: description: Status of the hostname's activation. type: string + target: + description: Target gateway of the hostname. + type: string + zoneId: + description: The zone identifier to target for the resource. + type: string type: object conditions: description: Conditions of the resource. @@ -350,13 +482,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -367,8 +501,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -377,6 +512,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -385,9 +523,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/worker.cloudflare.upbound.io_crontriggers.yaml b/package/crds/worker.cloudflare.upbound.io_crontriggers.yaml index 5b1d78a..1af0482 100644 --- a/package/crds/worker.cloudflare.upbound.io_crontriggers.yaml +++ b/package/crds/worker.cloudflare.upbound.io_crontriggers.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: crontriggers.worker.cloudflare.upbound.io spec: group: worker.cloudflare.upbound.io @@ -35,17 +34,26 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: CronTrigger is the Schema for the CronTriggers API. + description: CronTrigger is the Schema for the CronTriggers API. Worker Cron + Triggers allow users to map a cron expression to a Worker script using a + ScheduledEvent listener that enables Workers to be executed on a schedule. + Worker Cron Triggers are ideal for running periodic jobs for maintenance + or calling third-party APIs to collect up-to-date data. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +62,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +77,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +92,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +119,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +134,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,12 +156,17 @@ spec: type: object type: object schedules: - description: Cron expressions to execute the Worker script. + description: |- + (Set of String) Cron expressions to execute the Worker script. + Cron expressions to execute the Worker script. items: type: string type: array + x-kubernetes-list-type: set scriptName: - description: Worker script to target for the schedules. + description: |- + (String) Worker script to target for the schedules. + Worker script to target for the schedules. type: string scriptNameRef: description: Reference to a Script to populate scriptName. @@ -158,21 +179,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -185,8 +206,9 @@ spec: description: Selector for a Script to populate scriptName. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -199,72 +221,242 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - schedules type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + schedules: + description: |- + (Set of String) Cron expressions to execute the Worker script. + Cron expressions to execute the Worker script. + items: + type: string + type: array + x-kubernetes-list-type: set + scriptName: + description: |- + (String) Worker script to target for the schedules. + Worker script to target for the schedules. + type: string + scriptNameRef: + description: Reference to a Script to populate scriptName. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + scriptNameSelector: + description: Selector for a Script to populate scriptName. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -274,21 +466,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -298,17 +490,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -318,21 +512,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -347,21 +541,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -372,14 +567,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -394,12 +590,36 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.schedules is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.schedules) + || (has(self.initProvider) && has(self.initProvider.schedules))' status: description: CronTriggerStatus defines the observed state of CronTrigger. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string id: + description: (String) The ID of this resource. + type: string + schedules: + description: |- + (Set of String) Cron expressions to execute the Worker script. + Cron expressions to execute the Worker script. + items: + type: string + type: array + x-kubernetes-list-type: set + scriptName: + description: |- + (String) Worker script to target for the schedules. + Worker script to target for the schedules. type: string type: object conditions: @@ -408,13 +628,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -425,8 +647,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -435,6 +658,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -443,9 +669,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/worker.cloudflare.upbound.io_kvnamespaces.yaml b/package/crds/worker.cloudflare.upbound.io_kvnamespaces.yaml index c969612..186831a 100644 --- a/package/crds/worker.cloudflare.upbound.io_kvnamespaces.yaml +++ b/package/crds/worker.cloudflare.upbound.io_kvnamespaces.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: kvnamespaces.worker.cloudflare.upbound.io spec: group: worker.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: KVNamespace is the Schema for the KVNamespaces API. + description: KVNamespace is the Schema for the KVNamespaces API. Provides + the ability to manage Cloudflare Workers KV Namespace features. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,53 +153,143 @@ spec: type: object type: object title: - description: Title value of the Worker KV Namespace. + description: |- + (String) Title value of the Worker KV Namespace. + Title value of the Worker KV Namespace. type: string - required: - - title type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + title: + description: |- + (String) Title value of the Worker KV Namespace. + Title value of the Worker KV Namespace. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -196,21 +299,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -220,17 +323,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -240,21 +345,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -269,21 +374,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -294,14 +400,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -316,12 +423,28 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.title is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.title) + || (has(self.initProvider) && has(self.initProvider.title))' status: description: KVNamespaceStatus defines the observed state of KVNamespace. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string id: + description: (String) The ID of this resource. + type: string + title: + description: |- + (String) Title value of the Worker KV Namespace. + Title value of the Worker KV Namespace. type: string type: object conditions: @@ -330,13 +453,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -347,8 +472,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -357,6 +483,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -365,9 +494,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/worker.cloudflare.upbound.io_kvs.yaml b/package/crds/worker.cloudflare.upbound.io_kvs.yaml index de28bfe..affa02b 100644 --- a/package/crds/worker.cloudflare.upbound.io_kvs.yaml +++ b/package/crds/worker.cloudflare.upbound.io_kvs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: kvs.worker.cloudflare.upbound.io spec: group: worker.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: KV is the Schema for the KVs API. + description: KV is the Schema for the KVs API. Provides a resource to manage + a Cloudflare Workers KV Pair. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +74,9 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +89,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +116,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +131,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,13 +153,14 @@ spec: type: object type: object key: - description: Name of the KV pair. **Modifying this attribute will - force creation of a new resource.** + description: |- + (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + Name of the KV pair. **Modifying this attribute will force creation of a new resource.** type: string namespaceId: - description: The ID of the Workers KV namespace in which you want - to create the KV pair. **Modifying this attribute will force - creation of a new resource.** + description: |- + (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** type: string namespaceIdRef: description: Reference to a KVNamespace to populate namespaceId. @@ -159,21 +173,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -186,8 +200,9 @@ spec: description: Selector for a KVNamespace to populate namespaceId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -200,21 +215,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -222,54 +237,227 @@ spec: type: object type: object value: - description: Value of the KV pair. + description: |- + (String) Value of the KV pair. + Value of the KV pair. type: string - required: - - key - - value type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + key: + description: |- + (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + Name of the KV pair. **Modifying this attribute will force creation of a new resource.** + type: string + namespaceId: + description: |- + (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** + type: string + namespaceIdRef: + description: Reference to a KVNamespace to populate namespaceId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + namespaceIdSelector: + description: Selector for a KVNamespace to populate namespaceId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + value: + description: |- + (String) Value of the KV pair. + Value of the KV pair. + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -279,21 +467,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -303,17 +491,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -323,21 +513,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -352,21 +542,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -377,14 +568,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -399,12 +591,42 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.key is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.key) + || (has(self.initProvider) && has(self.initProvider.key))' + - message: spec.forProvider.value is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.value) + || (has(self.initProvider) && has(self.initProvider.value))' status: description: KVStatus defines the observed state of KV. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string id: + description: (String) The ID of this resource. + type: string + key: + description: |- + (String) Name of the KV pair. Modifying this attribute will force creation of a new resource. + Name of the KV pair. **Modifying this attribute will force creation of a new resource.** + type: string + namespaceId: + description: |- + (String) The ID of the Workers KV namespace in which you want to create the KV pair. Modifying this attribute will force creation of a new resource. + The ID of the Workers KV namespace in which you want to create the KV pair. **Modifying this attribute will force creation of a new resource.** + type: string + value: + description: |- + (String) Value of the KV pair. + Value of the KV pair. type: string type: object conditions: @@ -413,13 +635,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -430,8 +654,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -440,6 +665,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -448,9 +676,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/worker.cloudflare.upbound.io_routes.yaml b/package/crds/worker.cloudflare.upbound.io_routes.yaml index 422524e..144351f 100644 --- a/package/crds/worker.cloudflare.upbound.io_routes.yaml +++ b/package/crds/worker.cloudflare.upbound.io_routes.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: routes.worker.cloudflare.upbound.io spec: group: worker.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Route is the Schema for the Routes API. + description: Route is the Schema for the Routes API. Provides a Cloudflare + worker route resource. A route will also require a cloudflare_worker_script. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,12 +74,14 @@ spec: forProvider: properties: pattern: - description: The [route pattern](https://developers.cloudflare.com/workers/about/routes/) - to associate the Worker with. + description: |- + (String) The route pattern to associate the Worker with. + The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. type: string scriptName: - description: Worker script name to invoke for requests that match - the route pattern. + description: |- + (String) Worker script name to invoke for requests that match the route pattern. + Worker script name to invoke for requests that match the route pattern. type: string scriptNameRef: description: Reference to a Script to populate scriptName. @@ -82,21 +94,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -109,8 +121,9 @@ spec: description: Selector for a Script to populate scriptName. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -123,21 +136,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -145,8 +158,9 @@ spec: type: object type: object zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone in zone to populate zoneId. @@ -159,21 +173,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -186,8 +200,9 @@ spec: description: Selector for a Zone in zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -200,72 +215,239 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - pattern type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + pattern: + description: |- + (String) The route pattern to associate the Worker with. + The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. type: string - policy: - description: Policies for referencing. + scriptName: + description: |- + (String) Worker script name to invoke for requests that match the route pattern. + Worker script name to invoke for requests that match the route pattern. + type: string + scriptNameRef: + description: Reference to a Script to populate scriptName. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional + name: + description: Name of the referenced object. type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + scriptNameSelector: + description: Selector for a Script to populate scriptName. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone in zone to populate zoneId. + properties: + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone in zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -275,21 +457,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -299,17 +481,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -319,21 +503,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -348,21 +532,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -373,14 +558,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -395,12 +581,33 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.pattern is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.pattern) + || (has(self.initProvider) && has(self.initProvider.pattern))' status: description: RouteStatus defines the observed state of Route. properties: atProvider: properties: id: + description: (String) The ID of this resource. + type: string + pattern: + description: |- + (String) The route pattern to associate the Worker with. + The [route pattern](https://developers.cloudflare.com/workers/about/routes/) to associate the Worker with. + type: string + scriptName: + description: |- + (String) Worker script name to invoke for requests that match the route pattern. + Worker script name to invoke for requests that match the route pattern. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -409,13 +616,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -426,8 +635,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -436,6 +646,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -444,9 +657,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/worker.cloudflare.upbound.io_scripts.yaml b/package/crds/worker.cloudflare.upbound.io_scripts.yaml index 6e5b9d0..2b45a1f 100644 --- a/package/crds/worker.cloudflare.upbound.io_scripts.yaml +++ b/package/crds/worker.cloudflare.upbound.io_scripts.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: scripts.worker.cloudflare.upbound.io spec: group: worker.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Script is the Schema for the Scripts API. + description: Script is the Schema for the Scripts API. Provides a Cloudflare + worker script resource. In order for a script to be active, you'll also + need to setup a cloudflare_worker_route. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,36 +75,44 @@ spec: forProvider: properties: accountId: - description: The account identifier to target for the resource. + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. type: string analyticsEngineBinding: + description: (Block Set) (see below for nested schema) items: properties: dataset: - description: The name of the Analytics Engine dataset to - write to. + description: |- + (String) The name of the Analytics Engine dataset to write to. + The name of the Analytics Engine dataset to write to. type: string name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string - required: - - dataset - - name type: object type: array content: - description: The script content. + description: |- + (String) The script content. + The script content. type: string kvNamespaceBinding: + description: (Block Set) (see below for nested schema) items: properties: name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string namespaceId: - description: ID of the KV namespace you want to use. + description: |- + (String) ID of the KV namespace you want to use. + ID of the KV namespace you want to use. type: string namespaceIdRef: description: Reference to a KVNamespace to populate namespaceId. @@ -106,22 +125,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -134,9 +152,9 @@ spec: description: Selector for a KVNamespace to populate namespaceId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with - the same controller reference as the selecting object - is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -149,78 +167,84 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution - of this reference is required. The default is - 'Required', which means the reconcile will fail - if the reference cannot be resolved. 'Optional' - means this reference will be a no-op if it cannot - be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference - should be resolved. The default is 'IfNotPresent', - which will attempt to resolve the reference only - when the corresponding field is not present. Use - 'Always' to resolve the reference on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - name type: object type: array module: - description: Whether to upload Worker as a module. + description: |- + (Boolean) Whether to upload Worker as a module. + Whether to upload Worker as a module. type: boolean name: - description: The name for the script. **Modifying this attribute - will force creation of a new resource.** + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The name for the script. **Modifying this attribute will force creation of a new resource.** type: string plainTextBinding: + description: (Block Set) (see below for nested schema) items: properties: name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string text: - description: The plain text you want to store. + description: |- + (String) The plain text you want to store. + The plain text you want to store. type: string - required: - - name - - text type: object type: array r2BucketBinding: + description: (Block Set) (see below for nested schema) items: properties: bucketName: - description: The name of the Bucket to bind to. + description: |- + (String) The name of the Bucket to bind to. + The name of the Bucket to bind to. type: string name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string - required: - - bucketName - - name type: object type: array secretTextBinding: + description: (Block Set) (see below for nested schema) items: properties: name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string textSecretRef: - description: The secret text you want to store. + description: |- + (String) The plain text you want to store. + The secret text you want to store. properties: key: description: The key to select. @@ -237,91 +261,301 @@ spec: - namespace type: object required: - - name - textSecretRef type: object type: array serviceBinding: + description: (Block Set) (see below for nested schema) items: properties: environment: - description: The name of the Worker environment to bind - to. + description: |- + (String) The name of the Worker environment to bind to. + The name of the Worker environment to bind to. type: string name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string service: - description: The name of the Worker to bind to. + description: |- + (String) The name of the Worker to bind to. + The name of the Worker to bind to. type: string - required: - - name - - service type: object type: array webassemblyBinding: + description: (Block Set) (see below for nested schema) items: properties: module: - description: The base64 encoded wasm module you want to - store. + description: |- + (Boolean) Whether to upload Worker as a module. + The base64 encoded wasm module you want to store. type: string name: - description: The global variable for the binding in your - Worker code. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. type: string - required: - - module - - name type: object type: array - required: - - content - - name type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + analyticsEngineBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + dataset: + description: |- + (String) The name of the Analytics Engine dataset to write to. + The name of the Analytics Engine dataset to write to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + content: + description: |- + (String) The script content. + The script content. + type: string + kvNamespaceBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + namespaceId: + description: |- + (String) ID of the KV namespace you want to use. + ID of the KV namespace you want to use. + type: string + namespaceIdRef: + description: Reference to a KVNamespace to populate namespaceId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + namespaceIdSelector: + description: Selector for a KVNamespace to populate namespaceId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + type: array + module: + description: |- + (Boolean) Whether to upload Worker as a module. + Whether to upload Worker as a module. + type: boolean name: - description: Name of the referenced object. + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The name for the script. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name + plainTextBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + text: + description: |- + (String) The plain text you want to store. + The plain text you want to store. + type: string + type: object + type: array + r2BucketBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + bucketName: + description: |- + (String) The name of the Bucket to bind to. + The name of the Bucket to bind to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + secretTextBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + serviceBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + environment: + description: |- + (String) The name of the Worker environment to bind to. + The name of the Worker environment to bind to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + service: + description: |- + (String) The name of the Worker to bind to. + The name of the Worker to bind to. + type: string + type: object + type: array + webassemblyBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + module: + description: |- + (Boolean) Whether to upload Worker as a module. + The base64 encoded wasm module you want to store. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -331,21 +565,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -355,17 +589,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -375,21 +611,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -404,21 +640,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -429,14 +666,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -451,13 +689,155 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.content is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.content) + || (has(self.initProvider) && has(self.initProvider.content))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' status: description: ScriptStatus defines the observed state of Script. properties: atProvider: properties: + accountId: + description: |- + (String) The account identifier to target for the resource. + The account identifier to target for the resource. + type: string + analyticsEngineBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + dataset: + description: |- + (String) The name of the Analytics Engine dataset to write to. + The name of the Analytics Engine dataset to write to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + content: + description: |- + (String) The script content. + The script content. + type: string id: + description: (String) The ID of this resource. type: string + kvNamespaceBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + namespaceId: + description: |- + (String) ID of the KV namespace you want to use. + ID of the KV namespace you want to use. + type: string + type: object + type: array + module: + description: |- + (Boolean) Whether to upload Worker as a module. + Whether to upload Worker as a module. + type: boolean + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The name for the script. **Modifying this attribute will force creation of a new resource.** + type: string + plainTextBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + text: + description: |- + (String) The plain text you want to store. + The plain text you want to store. + type: string + type: object + type: array + r2BucketBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + bucketName: + description: |- + (String) The name of the Bucket to bind to. + The name of the Bucket to bind to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + secretTextBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array + serviceBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + environment: + description: |- + (String) The name of the Worker environment to bind to. + The name of the Worker environment to bind to. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + service: + description: |- + (String) The name of the Worker to bind to. + The name of the Worker to bind to. + type: string + type: object + type: array + webassemblyBinding: + description: (Block Set) (see below for nested schema) + items: + properties: + module: + description: |- + (Boolean) Whether to upload Worker as a module. + The base64 encoded wasm module you want to store. + type: string + name: + description: |- + (String) The name for the script. Modifying this attribute will force creation of a new resource. + The global variable for the binding in your Worker code. + type: string + type: object + type: array type: object conditions: description: Conditions of the resource. @@ -465,13 +845,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -482,8 +864,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -492,6 +875,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -500,9 +886,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_dnssecs.yaml b/package/crds/zone.cloudflare.upbound.io_dnssecs.yaml index 86e561c..bc1e6db 100644 --- a/package/crds/zone.cloudflare.upbound.io_dnssecs.yaml +++ b/package/crds/zone.cloudflare.upbound.io_dnssecs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: dnssecs.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: DNSSEC is the Schema for the DNSSECs API. + description: DNSSEC is the Schema for the DNSSECs API. Provides a Cloudflare + resource to create and modify zone DNSSEC settings. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,11 +74,14 @@ spec: forProvider: properties: modifiedOn: - description: Zone DNSSEC updated time. + description: |- + (String) Zone DNSSEC updated time. + Zone DNSSEC updated time. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -81,21 +94,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -108,8 +121,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -122,21 +136,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -144,48 +158,138 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + modifiedOn: + description: |- + (String) Zone DNSSEC updated time. + Zone DNSSEC updated time. type: string - policy: - description: Policies for referencing. + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -195,21 +299,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -219,17 +323,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -239,21 +345,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -268,21 +374,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -293,14 +400,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -321,36 +429,67 @@ spec: atProvider: properties: algorithm: - description: Zone DNSSEC algorithm. + description: |- + (String) Zone DNSSEC algorithm. + Zone DNSSEC algorithm. type: string digest: - description: Zone DNSSEC digest. + description: |- + (String) Zone DNSSEC digest. + Zone DNSSEC digest. type: string digestAlgorithm: - description: Digest algorithm use for Zone DNSSEC. + description: |- + (String) Digest algorithm use for Zone DNSSEC. + Digest algorithm use for Zone DNSSEC. type: string digestType: - description: Digest Type for Zone DNSSEC. + description: |- + (String) Digest Type for Zone DNSSEC. + Digest Type for Zone DNSSEC. type: string ds: - description: DS for the Zone DNSSEC. + description: |- + (String) DS for the Zone DNSSEC. + DS for the Zone DNSSEC. type: string flags: - description: Zone DNSSEC flags. + description: |- + (Number) Zone DNSSEC flags. + Zone DNSSEC flags. type: number id: + description: (String) The ID of this resource. type: string keyTag: - description: Key Tag for the Zone DNSSEC. + description: |- + (Number) Key Tag for the Zone DNSSEC. + Key Tag for the Zone DNSSEC. type: number keyType: - description: Key type used for Zone DNSSEC. + description: |- + (String) Key type used for Zone DNSSEC. + Key type used for Zone DNSSEC. + type: string + modifiedOn: + description: |- + (String) Zone DNSSEC updated time. + Zone DNSSEC updated time. type: string publicKey: - description: Public Key for the Zone DNSSEC. + description: |- + (String) Public Key for the Zone DNSSEC. + Public Key for the Zone DNSSEC. type: string status: - description: The status of the Zone DNSSEC. + description: |- + (String) The status of the Zone DNSSEC. + The status of the Zone DNSSEC. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -359,13 +498,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -376,8 +517,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -386,6 +528,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -394,9 +539,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_healthchecks.yaml b/package/crds/zone.cloudflare.upbound.io_healthchecks.yaml index 620db04..c2272a1 100644 --- a/package/crds/zone.cloudflare.upbound.io_healthchecks.yaml +++ b/package/crds/zone.cloudflare.upbound.io_healthchecks.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: healthchecks.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Healthcheck is the Schema for the Healthchecks API. + description: Healthcheck is the Schema for the Healthchecks API. Standalone + Health Checks provide a way to monitor origin servers without needing a + Cloudflare Load Balancer. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,110 +75,124 @@ spec: forProvider: properties: address: - description: The hostname or IP address of the origin server to - run health checks on. + description: |- + (String) The hostname or IP address of the origin server to run health checks on. + The hostname or IP address of the origin server to run health checks on. type: string allowInsecure: - description: Do not validate the certificate when the health check - uses HTTPS. Defaults to `false`. + description: |- + (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. type: boolean checkRegions: - description: 'A list of regions from which to run health checks. - If not set, Cloudflare will pick a default region. Available - values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, - `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`.' + description: |- + (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. + A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. items: type: string type: array consecutiveFails: - description: The number of consecutive fails required from a health - check before changing the health to unhealthy. Defaults to `1`. + description: |- + (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. type: number consecutiveSuccesses: - description: The number of consecutive successes required from - a health check before changing the health to healthy. Defaults - to `1`. + description: |- + (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. type: number description: - description: A human-readable description of the health check. + description: |- + readable description of the health check. + A human-readable description of the health check. type: string expectedBody: - description: A case-insensitive sub-string to look for in the - response body. If this string is not found the origin will be - marked as unhealthy. + description: |- + insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. type: string expectedCodes: - description: The expected HTTP response codes (e.g. '200') or - code ranges (e.g. '2xx' for all codes starting with 2) of the - health check. + description: |- + (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. items: type: string type: array followRedirects: - description: Follow redirects if the origin returns a 3xx status - code. Defaults to `false`. + description: |- + (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + Follow redirects if the origin returns a 3xx status code. Defaults to `false`. type: boolean header: - description: The HTTP request headers to send in the health check. - It is recommended you set a Host header by default. The User-Agent - header cannot be overridden. + description: |- + Agent header cannot be overridden. (see below for nested schema) + The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. items: properties: header: - description: The header name. + description: |- + Agent header cannot be overridden. (see below for nested schema) + The header name. type: string values: - description: A list of string values for the header. + description: |- + (Set of String) A list of string values for the header. + A list of string values for the header. items: type: string type: array - required: - - header - - values + x-kubernetes-list-type: set type: object type: array interval: - description: The interval between each health check. Shorter intervals - may give quicker notifications if the origin status changes, - but will increase the load on the origin as we check from multiple - locations. Defaults to `60`. + description: |- + (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. type: number method: - description: 'The HTTP method to use for the health check. Available - values: `connection_established`, `GET`, `HEAD`.' + description: |- + (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. + The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. type: string name: - description: A short name to identify the health check. Only alphanumeric - characters, hyphens, and underscores are allowed. + description: |- + (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. type: string path: - description: The endpoint path to health check against. Defaults - to `/`. + description: |- + (String) The endpoint path to health check against. Defaults to /. + The endpoint path to health check against. Defaults to `/`. type: string port: - description: Port number to connect to for the health check. Defaults - to `80`. + description: |- + (Number) Port number to connect to for the health check. Defaults to 80. + Port number to connect to for the health check. Defaults to `80`. type: number retries: - description: The number of retries to attempt in case of a timeout - before marking the origin as unhealthy. Retries are attempted - immediately. Defaults to `2`. + description: |- + (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. type: number suspended: - description: If suspended, no health checks are sent to the origin. - Defaults to `false`. + description: |- + (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + If suspended, no health checks are sent to the origin. Defaults to `false`. type: boolean timeout: - description: The timeout (in seconds) before marking the health - check as failed. Defaults to `5`. + description: |- + (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + The timeout (in seconds) before marking the health check as failed. Defaults to `5`. type: number type: - description: 'The protocol to use for the health check. Available - values: `TCP`, `HTTP`, `HTTPS`.' + description: |- + (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. + The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -180,21 +205,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -207,8 +232,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -221,74 +247,270 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - address - - name - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: + address: + description: |- + (String) The hostname or IP address of the origin server to run health checks on. + The hostname or IP address of the origin server to run health checks on. + type: string + allowInsecure: + description: |- + (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. + type: boolean + checkRegions: + description: |- + (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. + A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. + items: + type: string + type: array + consecutiveFails: + description: |- + (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. + type: number + consecutiveSuccesses: + description: |- + (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. + type: number + description: + description: |- + readable description of the health check. + A human-readable description of the health check. + type: string + expectedBody: + description: |- + insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + type: string + expectedCodes: + description: |- + (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + items: + type: string + type: array + followRedirects: + description: |- + (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + Follow redirects if the origin returns a 3xx status code. Defaults to `false`. + type: boolean + header: + description: |- + Agent header cannot be overridden. (see below for nested schema) + The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. + items: + properties: + header: + description: |- + Agent header cannot be overridden. (see below for nested schema) + The header name. + type: string + values: + description: |- + (Set of String) A list of string values for the header. + A list of string values for the header. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array + interval: + description: |- + (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. + type: number + method: + description: |- + (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. + The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. + type: string name: - description: Name of the referenced object. + description: |- + (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. type: string - policy: - description: Policies for referencing. + path: + description: |- + (String) The endpoint path to health check against. Defaults to /. + The endpoint path to health check against. Defaults to `/`. + type: string + port: + description: |- + (Number) Port number to connect to for the health check. Defaults to 80. + Port number to connect to for the health check. Defaults to `80`. + type: number + retries: + description: |- + (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. + type: number + suspended: + description: |- + (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + If suspended, no health checks are sent to the origin. Defaults to `false`. + type: boolean + timeout: + description: |- + (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + The timeout (in seconds) before marking the health check as failed. Defaults to `5`. + type: number + type: + description: |- + (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. + The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -298,21 +520,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -322,17 +544,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -342,21 +566,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -371,21 +595,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -396,14 +621,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -418,18 +644,156 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.address is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.address) + || (has(self.initProvider) && has(self.initProvider.address))' + - message: spec.forProvider.name is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.name) + || (has(self.initProvider) && has(self.initProvider.name))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: HealthcheckStatus defines the observed state of Healthcheck. properties: atProvider: properties: + address: + description: |- + (String) The hostname or IP address of the origin server to run health checks on. + The hostname or IP address of the origin server to run health checks on. + type: string + allowInsecure: + description: |- + (Boolean) Do not validate the certificate when the health check uses HTTPS. Defaults to false. + Do not validate the certificate when the health check uses HTTPS. Defaults to `false`. + type: boolean + checkRegions: + description: |- + (List of String) A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: WNAM, ENAM, WEU, EEU, NSAM, SSAM, OC, ME, NAF, SAF, IN, SEAS, NEAS, ALL_REGIONS. + A list of regions from which to run health checks. If not set, Cloudflare will pick a default region. Available values: `WNAM`, `ENAM`, `WEU`, `EEU`, `NSAM`, `SSAM`, `OC`, `ME`, `NAF`, `SAF`, `IN`, `SEAS`, `NEAS`, `ALL_REGIONS`. + items: + type: string + type: array + consecutiveFails: + description: |- + (Number) The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to 1. + The number of consecutive fails required from a health check before changing the health to unhealthy. Defaults to `1`. + type: number + consecutiveSuccesses: + description: |- + (Number) The number of consecutive successes required from a health check before changing the health to healthy. Defaults to 1. + The number of consecutive successes required from a health check before changing the health to healthy. Defaults to `1`. + type: number createdOn: - description: Creation time. + description: |- + (String) Creation time. + Creation time. + type: string + description: + description: |- + readable description of the health check. + A human-readable description of the health check. + type: string + expectedBody: + description: |- + insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. + A case-insensitive sub-string to look for in the response body. If this string is not found the origin will be marked as unhealthy. type: string + expectedCodes: + description: |- + (List of String) The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + The expected HTTP response codes (e.g. '200') or code ranges (e.g. '2xx' for all codes starting with 2) of the health check. + items: + type: string + type: array + followRedirects: + description: |- + (Boolean) Follow redirects if the origin returns a 3xx status code. Defaults to false. + Follow redirects if the origin returns a 3xx status code. Defaults to `false`. + type: boolean + header: + description: |- + Agent header cannot be overridden. (see below for nested schema) + The HTTP request headers to send in the health check. It is recommended you set a Host header by default. The User-Agent header cannot be overridden. + items: + properties: + header: + description: |- + Agent header cannot be overridden. (see below for nested schema) + The header name. + type: string + values: + description: |- + (Set of String) A list of string values for the header. + A list of string values for the header. + items: + type: string + type: array + x-kubernetes-list-type: set + type: object + type: array id: + description: (String) The ID of this resource. + type: string + interval: + description: |- + (Number) The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to 60. + The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase the load on the origin as we check from multiple locations. Defaults to `60`. + type: number + method: + description: |- + (String) The HTTP method to use for the health check. Available values: connection_established, GET, HEAD. + The HTTP method to use for the health check. Available values: `connection_established`, `GET`, `HEAD`. type: string modifiedOn: - description: Last modified time. + description: |- + (String) Last modified time. + Last modified time. + type: string + name: + description: |- + (String) A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + A short name to identify the health check. Only alphanumeric characters, hyphens, and underscores are allowed. + type: string + path: + description: |- + (String) The endpoint path to health check against. Defaults to /. + The endpoint path to health check against. Defaults to `/`. + type: string + port: + description: |- + (Number) Port number to connect to for the health check. Defaults to 80. + Port number to connect to for the health check. Defaults to `80`. + type: number + retries: + description: |- + (Number) The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to 2. + The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Defaults to `2`. + type: number + suspended: + description: |- + (Boolean) If suspended, no health checks are sent to the origin. Defaults to false. + If suspended, no health checks are sent to the origin. Defaults to `false`. + type: boolean + timeout: + description: |- + (Number) The timeout (in seconds) before marking the health check as failed. Defaults to 5. + The timeout (in seconds) before marking the health check as failed. Defaults to `5`. + type: number + type: + description: |- + (String) The protocol to use for the health check. Available values: TCP, HTTP, HTTPS. + The protocol to use for the health check. Available values: `TCP`, `HTTP`, `HTTPS`. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -438,13 +802,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -455,8 +821,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -465,6 +832,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -473,9 +843,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_logpullretentions.yaml b/package/crds/zone.cloudflare.upbound.io_logpullretentions.yaml index a9a5e7a..abd9bbc 100644 --- a/package/crds/zone.cloudflare.upbound.io_logpullretentions.yaml +++ b/package/crds/zone.cloudflare.upbound.io_logpullretentions.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: logpullretentions.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -36,17 +35,23 @@ spec: schema: openAPIV3Schema: description: LogpullRetention is the Schema for the LogpullRetentions API. - + Allows management of the Logpull Retention settings used to control whether + or not to retain HTTP request logs. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,10 +75,12 @@ spec: forProvider: properties: enabled: + description: Whether you wish to retain logs or not. type: boolean zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The zone ID to apply the log retention to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -81,21 +93,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -108,8 +120,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -122,72 +135,158 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - enabled type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + enabled: + description: Whether you wish to retain logs or not. + type: boolean + zoneId: + description: |- + The zone ID to apply the log retention to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -197,21 +296,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -221,17 +320,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -241,21 +342,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -270,21 +371,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -295,14 +397,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -317,13 +420,26 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' status: description: LogpullRetentionStatus defines the observed state of LogpullRetention. properties: atProvider: properties: + enabled: + description: Whether you wish to retain logs or not. + type: boolean id: type: string + zoneId: + description: |- + The zone ID to apply the log retention to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string type: object conditions: description: Conditions of the resource. @@ -331,13 +447,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -348,8 +466,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -358,6 +477,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -366,9 +488,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_managedheaders.yaml b/package/crds/zone.cloudflare.upbound.io_managedheaders.yaml index 8e5d0e4..46e7197 100644 --- a/package/crds/zone.cloudflare.upbound.io_managedheaders.yaml +++ b/package/crds/zone.cloudflare.upbound.io_managedheaders.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: managedheaders.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,18 +34,25 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: ManagedHeaders is the Schema for the ManagedHeaderss API. + description: ManagedHeaders is the Schema for the ManagedHeaderss API. The + Cloudflare Managed Headers https://developers.cloudflare.com/rules/transform/managed-transforms/ + allows you to add or remove some predefined headers to one's requests or + origin responses. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +61,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,37 +76,45 @@ spec: forProvider: properties: managedRequestHeaders: - description: The list of managed request headers. + description: |- + (Block Set) The list of managed request headers. (see below for nested schema) + The list of managed request headers. items: properties: enabled: - description: Whether the headers rule is active. + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. type: boolean id: - description: Unique headers rule identifier. + description: |- + (String) The ID of this resource. + Unique headers rule identifier. type: string - required: - - enabled - - id type: object type: array managedResponseHeaders: - description: The list of managed response headers. + description: |- + (Block Set) The list of managed response headers. (see below for nested schema) + The list of managed response headers. items: properties: enabled: - description: Whether the headers rule is active. + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. type: boolean id: - description: Unique headers rule identifier. + description: |- + (String) The ID of this resource. + Unique headers rule identifier. type: string - required: - - enabled - - id type: object type: array zoneId: - description: The zone identifier to target for the resource. + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -108,21 +127,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -135,8 +154,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -149,21 +169,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -171,48 +191,169 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + managedRequestHeaders: + description: |- + (Block Set) The list of managed request headers. (see below for nested schema) + The list of managed request headers. + items: + properties: + enabled: + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique headers rule identifier. + type: string + type: object + type: array + managedResponseHeaders: + description: |- + (Block Set) The list of managed response headers. (see below for nested schema) + The list of managed response headers. + items: + properties: + enabled: + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique headers rule identifier. + type: string + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -222,21 +363,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -246,17 +387,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -266,21 +409,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -295,21 +438,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -320,14 +464,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -348,6 +493,48 @@ spec: atProvider: properties: id: + description: (String) The ID of this resource. + type: string + managedRequestHeaders: + description: |- + (Block Set) The list of managed request headers. (see below for nested schema) + The list of managed request headers. + items: + properties: + enabled: + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique headers rule identifier. + type: string + type: object + type: array + managedResponseHeaders: + description: |- + (Block Set) The list of managed response headers. (see below for nested schema) + The list of managed response headers. + items: + properties: + enabled: + description: |- + (Boolean) Whether the headers rule is active. + Whether the headers rule is active. + type: boolean + id: + description: |- + (String) The ID of this resource. + Unique headers rule identifier. + type: string + type: object + type: array + zoneId: + description: |- + (String) The zone identifier to target for the resource. + The zone identifier to target for the resource. type: string type: object conditions: @@ -356,13 +543,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -373,8 +562,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -383,6 +573,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -391,9 +584,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_ratelimits.yaml b/package/crds/zone.cloudflare.upbound.io_ratelimits.yaml index 41098bd..7cda10e 100644 --- a/package/crds/zone.cloudflare.upbound.io_ratelimits.yaml +++ b/package/crds/zone.cloudflare.upbound.io_ratelimits.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ratelimits.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,17 +34,23 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: RateLimit is the Schema for the RateLimits API. + description: RateLimit is the Schema for the RateLimits API. Provides a Cloudflare + rate limit resource for a particular zone. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,88 +74,149 @@ spec: forProvider: properties: action: + description: The action to be performed when the threshold of + matched traffic within the period defined is exceeded. items: properties: mode: + description: The type of action to perform. Allowable values + are 'simulate', 'ban', 'challenge', 'js_challenge' and + 'managed_challenge'. type: string response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. items: properties: body: + description: The body to return, the content here + should conform to the content_type. type: string contentType: + description: 'The content-type of the body, must be + one of: ''text/plain'', ''text/xml'', ''application/json''.' type: string - required: - - body - - contentType type: object type: array timeout: + description: 'The time in seconds as an integer to perform + the mitigation action. This field is required if the mode + is either simulate or ban. Must be the same or greater + than the period (min: 1, max: 86400).' type: number - required: - - mode type: object type: array bypassUrlPatterns: + description: URLs matching the patterns specified here will be + excluded from rate limiting. items: type: string type: array + x-kubernetes-list-type: set correlate: + description: Determines how rate limiting is applied. By default + if not specified, rate limiting applies to the clients IP address. items: properties: by: + description: If set to 'nat', NAT support will be enabled + for rate limiting. type: string type: object type: array description: + description: A note that you can use to describe the reason for + a rate limit. This value is sanitized and all tags are removed. type: string disabled: - description: Defaults to `false`. + description: |- + Whether this ratelimit is currently disabled. Default: false. + Defaults to `false`. type: boolean match: + description: Determines which traffic the rate limit counts towards + the threshold. By default matches all traffic in the zone. See + definition below. items: properties: request: + description: Matches HTTP requests (from the client to Cloudflare). + See definition below. items: properties: methods: + description: 'HTTP Methods, can be a subset [''POST'',''PUT''] + or all [''_ALL_'']. Default: [''_ALL_''].' items: type: string type: array + x-kubernetes-list-type: set schemes: + description: 'HTTP Schemes, can be one [''HTTPS''], + both [''HTTP'',''HTTPS''] or all [''_ALL_'']. Default: + [''_ALL_''].' items: type: string type: array + x-kubernetes-list-type: set urlPattern: + description: 'The URL pattern to match comprised of + the host and path, i.e. example.org/path. Wildcard + are expanded to match applicable traffic, query + strings are not matched. Use _ for all traffic to + your zone. Default: ''_''.' type: string type: object type: array response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. items: properties: headers: + description: 'block is a list of maps with the following + attributes:' items: additionalProperties: type: string type: object type: array originTraffic: + description: 'Only count traffic that has come from + your origin servers. If true, cached items that + Cloudflare serve will not count towards rate limiting. + Default: true.' type: boolean statuses: + description: HTTP Status codes, can be one [403], + many [401,403] or indicate all by not providing + this value. items: type: number type: array + x-kubernetes-list-type: set type: object type: array type: object type: array period: + description: 'The time in seconds to count matching traffic. If + the count exceeds threshold within this period the action will + be performed (min: 1, max: 86,400).' type: number threshold: + description: 'The threshold that triggers the rate limit mitigations, + combine with period. i.e. threshold per period (min: 2, max: + 1,000,000).' type: number zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to apply rate limiting to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -158,21 +229,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -185,8 +256,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -199,74 +271,295 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - action - - period - - threshold type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + action: + description: The action to be performed when the threshold of + matched traffic within the period defined is exceeded. + items: + properties: + mode: + description: The type of action to perform. Allowable values + are 'simulate', 'ban', 'challenge', 'js_challenge' and + 'managed_challenge'. + type: string + response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. + items: + properties: + body: + description: The body to return, the content here + should conform to the content_type. + type: string + contentType: + description: 'The content-type of the body, must be + one of: ''text/plain'', ''text/xml'', ''application/json''.' + type: string + type: object + type: array + timeout: + description: 'The time in seconds as an integer to perform + the mitigation action. This field is required if the mode + is either simulate or ban. Must be the same or greater + than the period (min: 1, max: 86400).' + type: number + type: object + type: array + bypassUrlPatterns: + description: URLs matching the patterns specified here will be + excluded from rate limiting. + items: + type: string + type: array + x-kubernetes-list-type: set + correlate: + description: Determines how rate limiting is applied. By default + if not specified, rate limiting applies to the clients IP address. + items: + properties: + by: + description: If set to 'nat', NAT support will be enabled + for rate limiting. + type: string + type: object + type: array + description: + description: A note that you can use to describe the reason for + a rate limit. This value is sanitized and all tags are removed. type: string - policy: - description: Policies for referencing. + disabled: + description: |- + Whether this ratelimit is currently disabled. Default: false. + Defaults to `false`. + type: boolean + match: + description: Determines which traffic the rate limit counts towards + the threshold. By default matches all traffic in the zone. See + definition below. + items: + properties: + request: + description: Matches HTTP requests (from the client to Cloudflare). + See definition below. + items: + properties: + methods: + description: 'HTTP Methods, can be a subset [''POST'',''PUT''] + or all [''_ALL_'']. Default: [''_ALL_''].' + items: + type: string + type: array + x-kubernetes-list-type: set + schemes: + description: 'HTTP Schemes, can be one [''HTTPS''], + both [''HTTP'',''HTTPS''] or all [''_ALL_'']. Default: + [''_ALL_''].' + items: + type: string + type: array + x-kubernetes-list-type: set + urlPattern: + description: 'The URL pattern to match comprised of + the host and path, i.e. example.org/path. Wildcard + are expanded to match applicable traffic, query + strings are not matched. Use _ for all traffic to + your zone. Default: ''_''.' + type: string + type: object + type: array + response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. + items: + properties: + headers: + description: 'block is a list of maps with the following + attributes:' + items: + additionalProperties: + type: string + type: object + type: array + originTraffic: + description: 'Only count traffic that has come from + your origin servers. If true, cached items that + Cloudflare serve will not count towards rate limiting. + Default: true.' + type: boolean + statuses: + description: HTTP Status codes, can be one [403], + many [401,403] or indicate all by not providing + this value. + items: + type: number + type: array + x-kubernetes-list-type: set + type: object + type: array + type: object + type: array + period: + description: 'The time in seconds to count matching traffic. If + the count exceeds threshold within this period the action will + be performed (min: 1, max: 86,400).' + type: number + threshold: + description: 'The threshold that triggers the rate limit mitigations, + combine with period. i.e. threshold per period (min: 2, max: + 1,000,000).' + type: number + zoneId: + description: |- + The DNS zone ID to apply rate limiting to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -276,21 +569,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -300,17 +593,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -320,21 +615,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -349,21 +644,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -374,14 +670,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -396,12 +693,171 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.action is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.action) + || (has(self.initProvider) && has(self.initProvider.action))' + - message: spec.forProvider.period is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.period) + || (has(self.initProvider) && has(self.initProvider.period))' + - message: spec.forProvider.threshold is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.threshold) + || (has(self.initProvider) && has(self.initProvider.threshold))' status: description: RateLimitStatus defines the observed state of RateLimit. properties: atProvider: properties: + action: + description: The action to be performed when the threshold of + matched traffic within the period defined is exceeded. + items: + properties: + mode: + description: The type of action to perform. Allowable values + are 'simulate', 'ban', 'challenge', 'js_challenge' and + 'managed_challenge'. + type: string + response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. + items: + properties: + body: + description: The body to return, the content here + should conform to the content_type. + type: string + contentType: + description: 'The content-type of the body, must be + one of: ''text/plain'', ''text/xml'', ''application/json''.' + type: string + type: object + type: array + timeout: + description: 'The time in seconds as an integer to perform + the mitigation action. This field is required if the mode + is either simulate or ban. Must be the same or greater + than the period (min: 1, max: 86400).' + type: number + type: object + type: array + bypassUrlPatterns: + description: URLs matching the patterns specified here will be + excluded from rate limiting. + items: + type: string + type: array + x-kubernetes-list-type: set + correlate: + description: Determines how rate limiting is applied. By default + if not specified, rate limiting applies to the clients IP address. + items: + properties: + by: + description: If set to 'nat', NAT support will be enabled + for rate limiting. + type: string + type: object + type: array + description: + description: A note that you can use to describe the reason for + a rate limit. This value is sanitized and all tags are removed. + type: string + disabled: + description: |- + Whether this ratelimit is currently disabled. Default: false. + Defaults to `false`. + type: boolean id: + description: The Rate limit ID. + type: string + match: + description: Determines which traffic the rate limit counts towards + the threshold. By default matches all traffic in the zone. See + definition below. + items: + properties: + request: + description: Matches HTTP requests (from the client to Cloudflare). + See definition below. + items: + properties: + methods: + description: 'HTTP Methods, can be a subset [''POST'',''PUT''] + or all [''_ALL_'']. Default: [''_ALL_''].' + items: + type: string + type: array + x-kubernetes-list-type: set + schemes: + description: 'HTTP Schemes, can be one [''HTTPS''], + both [''HTTP'',''HTTPS''] or all [''_ALL_'']. Default: + [''_ALL_''].' + items: + type: string + type: array + x-kubernetes-list-type: set + urlPattern: + description: 'The URL pattern to match comprised of + the host and path, i.e. example.org/path. Wildcard + are expanded to match applicable traffic, query + strings are not matched. Use _ for all traffic to + your zone. Default: ''_''.' + type: string + type: object + type: array + response: + description: Matches HTTP responses before they are returned + to the client from Cloudflare. If this is defined, then + the entire counting of traffic occurs at this stage. This + field is not required. + items: + properties: + headers: + description: 'block is a list of maps with the following + attributes:' + items: + additionalProperties: + type: string + type: object + type: array + originTraffic: + description: 'Only count traffic that has come from + your origin servers. If true, cached items that + Cloudflare serve will not count towards rate limiting. + Default: true.' + type: boolean + statuses: + description: HTTP Status codes, can be one [403], + many [401,403] or indicate all by not providing + this value. + items: + type: number + type: array + x-kubernetes-list-type: set + type: object + type: array + type: object + type: array + period: + description: 'The time in seconds to count matching traffic. If + the count exceeds threshold within this period the action will + be performed (min: 1, max: 86,400).' + type: number + threshold: + description: 'The threshold that triggers the rate limit mitigations, + combine with period. i.e. threshold per period (min: 2, max: + 1,000,000).' + type: number + zoneId: + description: |- + The DNS zone ID to apply rate limiting to. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -410,13 +866,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -427,8 +885,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -437,6 +896,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -445,9 +907,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_settingsoverrides.yaml b/package/crds/zone.cloudflare.upbound.io_settingsoverrides.yaml index d7dd0ee..e63b8f9 100644 --- a/package/crds/zone.cloudflare.upbound.io_settingsoverrides.yaml +++ b/package/crds/zone.cloudflare.upbound.io_settingsoverrides.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: settingsoverrides.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: SettingsOverride is the Schema for the SettingsOverrides API. - + Provides a resource which customizes Cloudflare zone settings. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,164 +74,236 @@ spec: forProvider: properties: settings: + description: Settings overrides that will be applied to the zone. + If a setting is not specified the existing setting will be used. + For a full list of available settings see below. items: properties: alwaysOnline: + description: '(default: on)' type: string alwaysUseHttps: + description: '(default: off)' type: string automaticHttpsRewrites: + description: (default value depends on the zone's plan level) type: string binaryAst: + description: '(default: off)' type: string brotli: + description: '(default: off)' type: string browserCacheTtl: + description: '(default: 14400)' type: number browserCheck: + description: '(default: on)' type: string cacheLevel: + description: 'Allowed values: "aggressive" (default) - delivers + a different resource each time the query string changes, + "basic" - delivers resources from cache when there is + no query string, "simplified" - delivers the same resource + to everyone independent of the query string.' type: string challengeTtl: + description: '(default: 1800)' type: number ciphers: + description: An allowlist of ciphers for TLS termination. + These ciphers must be in the BoringSSL format. items: type: string type: array cnameFlattening: + description: 'Allowed values: "flatten_at_root" (default), + "flatten_all", "flatten_none".' type: string developmentMode: + description: '(default: off)' type: string earlyHints: + description: '(default: off)' type: string emailObfuscation: + description: '(default: on)' type: string filterLogsToCloudflare: + description: '(default: off)' type: string h2Prioritization: + description: 'Allowed values: "on", "off" (default), "custom".' type: string hotlinkProtection: + description: '(default: off)' type: string http2: + description: '(default: off)' type: string http3: + description: '(default: off)' type: string imageResizing: + description: 'Allowed values: "on", "off" (default), "open".' type: string ipGeolocation: + description: '(default: on)' type: string ipv6: + description: '(default: off)' type: string logToCloudflare: + description: '(default: off)' type: string maxUpload: + description: '(default: 100)' type: number minTlsVersion: + description: 'Allowed values: "1.0" (default), "1.1", "1.2", + "1.3".' type: string minify: items: properties: css: + description: '"on"/"off"' type: string html: + description: '"on"/"off"' type: string js: + description: '"on"/"off"' type: string - required: - - css - - html - - js type: object type: array mirage: + description: '(default: off)' type: string mobileRedirect: items: properties: mobileSubdomain: + description: String value type: string status: + description: '"on"/"off"' type: string stripUri: + description: true/false type: boolean - required: - - mobileSubdomain - - status - - stripUri type: object type: array opportunisticEncryption: + description: (default value depends on the zone's plan level) type: string opportunisticOnion: + description: '(default: off)' type: string orangeToOrange: + description: '(default: off)' type: string originErrorPagePassThru: + description: '(default: off)' type: string originMaxHttpVersion: + description: 'Allowed values: "1" (default on Enterprise), + "2" (default)' type: string polish: + description: 'Allowed values: "off" (default), "lossless", + "lossy".' type: string prefetchPreload: + description: '(default: off)' type: string privacyPass: + description: '(default: on)' type: string proxyReadTimeout: + description: '(default: "100")' type: string pseudoIpv4: + description: 'Allowed values: "off" (default), "add_header", + "overwrite_header".' type: string responseBuffering: + description: '(default: off)' type: string rocketLoader: + description: '(default: off)' type: string securityHeader: items: properties: enabled: + description: true/false type: boolean includeSubdomains: + description: true/false type: boolean maxAge: + description: Integer type: number nosniff: + description: true/false type: boolean preload: + description: true/false type: boolean type: object type: array securityLevel: + description: 'Allowed values: "off" (Enterprise only), "essentially_off", + "low", "medium" (default), "high", "under_attack".' type: string serverSideExclude: + description: '(default: on)' type: string sortQueryStringForCache: + description: '(default: off)' type: string ssl: + description: 'Allowed values: "off" (default), "flexible", + "full", "strict", "origin_pull".' type: string tls12Only: type: string tls13: + description: 'Allowed values: "off" (default), "on", "zrt".' type: string tlsClientAuth: + description: '(default: on)' type: string trueClientIpHeader: + description: '(default: off)' type: string universalSsl: + description: '(default: on)' type: string visitorIp: + description: '(default: off)' type: string waf: + description: '(default: off)' type: string webp: + description: '(default: off). Note that the value specified + will be ignored unless polish is turned on (i.e. is "lossless" + or "lossy")' type: string websockets: + description: '(default: off)' type: string zeroRtt: + description: '(default: off)' type: string type: object type: array zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + The DNS zone ID to which apply settings. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -235,21 +316,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -262,8 +343,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -276,21 +358,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -298,48 +380,360 @@ spec: type: object type: object type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + settings: + description: Settings overrides that will be applied to the zone. + If a setting is not specified the existing setting will be used. + For a full list of available settings see below. + items: + properties: + alwaysOnline: + description: '(default: on)' + type: string + alwaysUseHttps: + description: '(default: off)' + type: string + automaticHttpsRewrites: + description: (default value depends on the zone's plan level) + type: string + binaryAst: + description: '(default: off)' + type: string + brotli: + description: '(default: off)' + type: string + browserCacheTtl: + description: '(default: 14400)' + type: number + browserCheck: + description: '(default: on)' + type: string + cacheLevel: + description: 'Allowed values: "aggressive" (default) - delivers + a different resource each time the query string changes, + "basic" - delivers resources from cache when there is + no query string, "simplified" - delivers the same resource + to everyone independent of the query string.' + type: string + challengeTtl: + description: '(default: 1800)' + type: number + ciphers: + description: An allowlist of ciphers for TLS termination. + These ciphers must be in the BoringSSL format. + items: + type: string + type: array + cnameFlattening: + description: 'Allowed values: "flatten_at_root" (default), + "flatten_all", "flatten_none".' + type: string + developmentMode: + description: '(default: off)' + type: string + earlyHints: + description: '(default: off)' + type: string + emailObfuscation: + description: '(default: on)' + type: string + filterLogsToCloudflare: + description: '(default: off)' + type: string + h2Prioritization: + description: 'Allowed values: "on", "off" (default), "custom".' + type: string + hotlinkProtection: + description: '(default: off)' + type: string + http2: + description: '(default: off)' + type: string + http3: + description: '(default: off)' + type: string + imageResizing: + description: 'Allowed values: "on", "off" (default), "open".' + type: string + ipGeolocation: + description: '(default: on)' + type: string + ipv6: + description: '(default: off)' + type: string + logToCloudflare: + description: '(default: off)' + type: string + maxUpload: + description: '(default: 100)' + type: number + minTlsVersion: + description: 'Allowed values: "1.0" (default), "1.1", "1.2", + "1.3".' + type: string + minify: + items: + properties: + css: + description: '"on"/"off"' + type: string + html: + description: '"on"/"off"' + type: string + js: + description: '"on"/"off"' + type: string + type: object + type: array + mirage: + description: '(default: off)' + type: string + mobileRedirect: + items: + properties: + mobileSubdomain: + description: String value + type: string + status: + description: '"on"/"off"' + type: string + stripUri: + description: true/false + type: boolean + type: object + type: array + opportunisticEncryption: + description: (default value depends on the zone's plan level) + type: string + opportunisticOnion: + description: '(default: off)' + type: string + orangeToOrange: + description: '(default: off)' + type: string + originErrorPagePassThru: + description: '(default: off)' + type: string + originMaxHttpVersion: + description: 'Allowed values: "1" (default on Enterprise), + "2" (default)' + type: string + polish: + description: 'Allowed values: "off" (default), "lossless", + "lossy".' + type: string + prefetchPreload: + description: '(default: off)' + type: string + privacyPass: + description: '(default: on)' + type: string + proxyReadTimeout: + description: '(default: "100")' + type: string + pseudoIpv4: + description: 'Allowed values: "off" (default), "add_header", + "overwrite_header".' + type: string + responseBuffering: + description: '(default: off)' + type: string + rocketLoader: + description: '(default: off)' + type: string + securityHeader: + items: + properties: + enabled: + description: true/false + type: boolean + includeSubdomains: + description: true/false + type: boolean + maxAge: + description: Integer + type: number + nosniff: + description: true/false + type: boolean + preload: + description: true/false + type: boolean + type: object + type: array + securityLevel: + description: 'Allowed values: "off" (Enterprise only), "essentially_off", + "low", "medium" (default), "high", "under_attack".' + type: string + serverSideExclude: + description: '(default: on)' + type: string + sortQueryStringForCache: + description: '(default: off)' + type: string + ssl: + description: 'Allowed values: "off" (default), "flexible", + "full", "strict", "origin_pull".' + type: string + tls12Only: + type: string + tls13: + description: 'Allowed values: "off" (default), "on", "zrt".' + type: string + tlsClientAuth: + description: '(default: on)' + type: string + trueClientIpHeader: + description: '(default: off)' + type: string + universalSsl: + description: '(default: on)' + type: string + visitorIp: + description: '(default: off)' + type: string + waf: + description: '(default: off)' + type: string + webp: + description: '(default: off). Note that the value specified + will be ignored unless polish is turned on (i.e. is "lossless" + or "lossy")' + type: string + websockets: + description: '(default: off)' + type: string + zeroRtt: + description: '(default: off)' + type: string + type: object + type: array + zoneId: + description: |- + The DNS zone ID to which apply settings. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string - policy: - description: Policies for referencing. + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -349,21 +743,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -373,17 +767,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -393,21 +789,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -422,21 +818,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -447,14 +844,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -475,164 +873,485 @@ spec: atProvider: properties: id: + description: The zone ID. type: string initialSettings: + description: Settings present in the zone at the time the resource + is created. This will be used to restore the original settings + when this resource is destroyed. Shares the same schema as the + settings attribute (Above). items: properties: alwaysOnline: + description: '(default: on)' type: string alwaysUseHttps: + description: '(default: off)' type: string automaticHttpsRewrites: + description: (default value depends on the zone's plan level) type: string binaryAst: + description: '(default: off)' type: string brotli: + description: '(default: off)' type: string browserCacheTtl: + description: '(default: 14400)' type: number browserCheck: + description: '(default: on)' type: string cacheLevel: + description: 'Allowed values: "aggressive" (default) - delivers + a different resource each time the query string changes, + "basic" - delivers resources from cache when there is + no query string, "simplified" - delivers the same resource + to everyone independent of the query string.' type: string challengeTtl: + description: '(default: 1800)' type: number ciphers: + description: An allowlist of ciphers for TLS termination. + These ciphers must be in the BoringSSL format. items: type: string type: array cnameFlattening: + description: 'Allowed values: "flatten_at_root" (default), + "flatten_all", "flatten_none".' type: string developmentMode: + description: '(default: off)' type: string earlyHints: + description: '(default: off)' type: string emailObfuscation: + description: '(default: on)' type: string filterLogsToCloudflare: + description: '(default: off)' type: string h2Prioritization: + description: 'Allowed values: "on", "off" (default), "custom".' type: string hotlinkProtection: + description: '(default: off)' type: string http2: + description: '(default: off)' type: string http3: + description: '(default: off)' type: string imageResizing: + description: 'Allowed values: "on", "off" (default), "open".' type: string ipGeolocation: + description: '(default: on)' type: string ipv6: + description: '(default: off)' type: string logToCloudflare: + description: '(default: off)' type: string maxUpload: + description: '(default: 100)' type: number minTlsVersion: + description: 'Allowed values: "1.0" (default), "1.1", "1.2", + "1.3".' type: string minify: items: properties: css: + description: '"on"/"off"' type: string html: + description: '"on"/"off"' type: string js: + description: '"on"/"off"' type: string type: object type: array mirage: + description: '(default: off)' type: string mobileRedirect: items: properties: mobileSubdomain: + description: String value type: string status: + description: '"on"/"off"' type: string stripUri: + description: true/false type: boolean type: object type: array opportunisticEncryption: + description: (default value depends on the zone's plan level) type: string opportunisticOnion: + description: '(default: off)' type: string orangeToOrange: + description: '(default: off)' type: string originErrorPagePassThru: + description: '(default: off)' type: string originMaxHttpVersion: + description: 'Allowed values: "1" (default on Enterprise), + "2" (default)' type: string polish: + description: 'Allowed values: "off" (default), "lossless", + "lossy".' type: string prefetchPreload: + description: '(default: off)' type: string privacyPass: + description: '(default: on)' type: string proxyReadTimeout: + description: '(default: "100")' type: string pseudoIpv4: + description: 'Allowed values: "off" (default), "add_header", + "overwrite_header".' type: string responseBuffering: + description: '(default: off)' type: string rocketLoader: + description: '(default: off)' type: string securityHeader: items: properties: enabled: + description: true/false type: boolean includeSubdomains: + description: true/false type: boolean maxAge: + description: Integer type: number nosniff: + description: true/false type: boolean preload: + description: true/false type: boolean type: object type: array securityLevel: + description: 'Allowed values: "off" (Enterprise only), "essentially_off", + "low", "medium" (default), "high", "under_attack".' type: string serverSideExclude: + description: '(default: on)' type: string sortQueryStringForCache: + description: '(default: off)' type: string ssl: + description: 'Allowed values: "off" (default), "flexible", + "full", "strict", "origin_pull".' type: string tls12Only: type: string tls13: + description: 'Allowed values: "off" (default), "on", "zrt".' type: string tlsClientAuth: + description: '(default: on)' type: string trueClientIpHeader: + description: '(default: off)' type: string universalSsl: + description: '(default: on)' type: string visitorIp: + description: '(default: off)' type: string waf: + description: '(default: off)' type: string webp: + description: '(default: off). Note that the value specified + will be ignored unless polish is turned on (i.e. is "lossless" + or "lossy")' type: string websockets: + description: '(default: off)' type: string zeroRtt: + description: '(default: off)' type: string type: object type: array initialSettingsReadAt: + description: Time when this resource was created and the initial_settings + were set. type: string readonlySettings: + description: Which of the current settings are not able to be + set by the user. Which settings these are is determined by plan + level and user permissions. items: type: string type: array + settings: + description: Settings overrides that will be applied to the zone. + If a setting is not specified the existing setting will be used. + For a full list of available settings see below. + items: + properties: + alwaysOnline: + description: '(default: on)' + type: string + alwaysUseHttps: + description: '(default: off)' + type: string + automaticHttpsRewrites: + description: (default value depends on the zone's plan level) + type: string + binaryAst: + description: '(default: off)' + type: string + brotli: + description: '(default: off)' + type: string + browserCacheTtl: + description: '(default: 14400)' + type: number + browserCheck: + description: '(default: on)' + type: string + cacheLevel: + description: 'Allowed values: "aggressive" (default) - delivers + a different resource each time the query string changes, + "basic" - delivers resources from cache when there is + no query string, "simplified" - delivers the same resource + to everyone independent of the query string.' + type: string + challengeTtl: + description: '(default: 1800)' + type: number + ciphers: + description: An allowlist of ciphers for TLS termination. + These ciphers must be in the BoringSSL format. + items: + type: string + type: array + cnameFlattening: + description: 'Allowed values: "flatten_at_root" (default), + "flatten_all", "flatten_none".' + type: string + developmentMode: + description: '(default: off)' + type: string + earlyHints: + description: '(default: off)' + type: string + emailObfuscation: + description: '(default: on)' + type: string + filterLogsToCloudflare: + description: '(default: off)' + type: string + h2Prioritization: + description: 'Allowed values: "on", "off" (default), "custom".' + type: string + hotlinkProtection: + description: '(default: off)' + type: string + http2: + description: '(default: off)' + type: string + http3: + description: '(default: off)' + type: string + imageResizing: + description: 'Allowed values: "on", "off" (default), "open".' + type: string + ipGeolocation: + description: '(default: on)' + type: string + ipv6: + description: '(default: off)' + type: string + logToCloudflare: + description: '(default: off)' + type: string + maxUpload: + description: '(default: 100)' + type: number + minTlsVersion: + description: 'Allowed values: "1.0" (default), "1.1", "1.2", + "1.3".' + type: string + minify: + items: + properties: + css: + description: '"on"/"off"' + type: string + html: + description: '"on"/"off"' + type: string + js: + description: '"on"/"off"' + type: string + type: object + type: array + mirage: + description: '(default: off)' + type: string + mobileRedirect: + items: + properties: + mobileSubdomain: + description: String value + type: string + status: + description: '"on"/"off"' + type: string + stripUri: + description: true/false + type: boolean + type: object + type: array + opportunisticEncryption: + description: (default value depends on the zone's plan level) + type: string + opportunisticOnion: + description: '(default: off)' + type: string + orangeToOrange: + description: '(default: off)' + type: string + originErrorPagePassThru: + description: '(default: off)' + type: string + originMaxHttpVersion: + description: 'Allowed values: "1" (default on Enterprise), + "2" (default)' + type: string + polish: + description: 'Allowed values: "off" (default), "lossless", + "lossy".' + type: string + prefetchPreload: + description: '(default: off)' + type: string + privacyPass: + description: '(default: on)' + type: string + proxyReadTimeout: + description: '(default: "100")' + type: string + pseudoIpv4: + description: 'Allowed values: "off" (default), "add_header", + "overwrite_header".' + type: string + responseBuffering: + description: '(default: off)' + type: string + rocketLoader: + description: '(default: off)' + type: string + securityHeader: + items: + properties: + enabled: + description: true/false + type: boolean + includeSubdomains: + description: true/false + type: boolean + maxAge: + description: Integer + type: number + nosniff: + description: true/false + type: boolean + preload: + description: true/false + type: boolean + type: object + type: array + securityLevel: + description: 'Allowed values: "off" (Enterprise only), "essentially_off", + "low", "medium" (default), "high", "under_attack".' + type: string + serverSideExclude: + description: '(default: on)' + type: string + sortQueryStringForCache: + description: '(default: off)' + type: string + ssl: + description: 'Allowed values: "off" (default), "flexible", + "full", "strict", "origin_pull".' + type: string + tls12Only: + type: string + tls13: + description: 'Allowed values: "off" (default), "on", "zrt".' + type: string + tlsClientAuth: + description: '(default: on)' + type: string + trueClientIpHeader: + description: '(default: off)' + type: string + universalSsl: + description: '(default: on)' + type: string + visitorIp: + description: '(default: off)' + type: string + waf: + description: '(default: off)' + type: string + webp: + description: '(default: off). Note that the value specified + will be ignored unless polish is turned on (i.e. is "lossless" + or "lossy")' + type: string + websockets: + description: '(default: off)' + type: string + zeroRtt: + description: '(default: off)' + type: string + type: object + type: array + zoneId: + description: |- + The DNS zone ID to which apply settings. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string zoneStatus: + description: hosted zone or a CNAME setup. type: string zoneType: + description: '. Status of the zone. Valid values: active, pending, + initializing, moved, deleted, deactivated.' type: string type: object conditions: @@ -641,13 +1360,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -658,8 +1379,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -668,6 +1390,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -676,9 +1401,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_tieredcaches.yaml b/package/crds/zone.cloudflare.upbound.io_tieredcaches.yaml index 994030b..5ca94b7 100644 --- a/package/crds/zone.cloudflare.upbound.io_tieredcaches.yaml +++ b/package/crds/zone.cloudflare.upbound.io_tieredcaches.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tieredcaches.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: TieredCache is the Schema for the TieredCaches API. + description: TieredCache is the Schema for the TieredCaches API. Provides + a resource, that manages Cloudflare Tiered Cache settings. This allows you + to adjust topologies for your zone. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,12 +75,14 @@ spec: forProvider: properties: cacheType: - description: 'The typed of tiered cache to utilize on the zone. - Available values: `generic`, `smart`, `off`.' + description: |- + (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. + The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -82,21 +95,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -109,8 +122,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -123,72 +137,160 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - cacheType type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + cacheType: + description: |- + (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. + The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. type: string - policy: - description: Policies for referencing. + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -198,21 +300,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -222,17 +324,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -242,21 +346,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -271,21 +375,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -296,14 +401,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -318,12 +424,28 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.cacheType is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.cacheType) + || (has(self.initProvider) && has(self.initProvider.cacheType))' status: description: TieredCacheStatus defines the observed state of TieredCache. properties: atProvider: properties: + cacheType: + description: |- + (String) The typed of tiered cache to utilize on the zone. Available values: generic, smart, off. + The typed of tiered cache to utilize on the zone. Available values: `generic`, `smart`, `off`. + type: string id: + description: (String) The ID of this resource. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -332,13 +454,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -349,8 +473,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -359,6 +484,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -367,9 +495,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_totaltls.yaml b/package/crds/zone.cloudflare.upbound.io_totaltls.yaml deleted file mode 100644 index 2d6ec17..0000000 --- a/package/crds/zone.cloudflare.upbound.io_totaltls.yaml +++ /dev/null @@ -1,378 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: totaltls.zone.cloudflare.upbound.io -spec: - group: zone.cloudflare.upbound.io - names: - categories: - - crossplane - - managed - - cloudflare - kind: TotalTLS - listKind: TotalTLSList - plural: totaltls - singular: totaltls - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNCED - type: string - - jsonPath: .metadata.annotations.crossplane\.io/external-name - name: EXTERNAL-NAME - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: TotalTLS is the Schema for the TotalTLSs API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TotalTLSSpec defines the desired state of TotalTLS - properties: - deletionPolicy: - default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. - enum: - - Orphan - - Delete - type: string - forProvider: - properties: - certificateAuthority: - description: 'The Certificate Authority that Total TLS certificates - will be issued through. Available values: `google`, `lets_encrypt`.' - type: string - enabled: - description: Enable Total TLS for the zone. - type: boolean - zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** - type: string - zoneIdRef: - description: Reference to a Zone to populate zoneId. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - zoneIdSelector: - description: Selector for a Zone to populate zoneId. - properties: - matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - policy: - description: Policies for selection. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object - required: - - enabled - type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. - properties: - configRef: - default: - name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. - properties: - name: - description: Name of the referenced object. - type: string - policy: - description: Policies for referencing. - properties: - resolution: - default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - required: - - name - type: object - metadata: - description: Metadata is the metadata for connection secret. - properties: - annotations: - additionalProperties: - type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. - type: object - labels: - additionalProperties: - type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. - type: object - type: - description: Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - type: string - type: object - name: - description: Name is the name of the connection secret. - type: string - required: - - name - type: object - writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. - properties: - name: - description: Name of the secret. - type: string - namespace: - description: Namespace of the secret. - type: string - required: - - name - - namespace - type: object - required: - - forProvider - type: object - status: - description: TotalTLSStatus defines the observed state of TotalTLS. - properties: - atProvider: - properties: - id: - type: string - type: object - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. - format: date-time - type: string - message: - description: A Message containing details about this condition's - last transition from one status to another, if any. - type: string - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_totaltlses.yaml b/package/crds/zone.cloudflare.upbound.io_totaltlses.yaml new file mode 100644 index 0000000..8ba61a2 --- /dev/null +++ b/package/crds/zone.cloudflare.upbound.io_totaltlses.yaml @@ -0,0 +1,511 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: totaltlses.zone.cloudflare.upbound.io +spec: + group: zone.cloudflare.upbound.io + names: + categories: + - crossplane + - managed + - cloudflare + kind: TotalTLS + listKind: TotalTLSList + plural: totaltlses + singular: totaltls + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: TotalTLS is the Schema for the TotalTLSs API. Provides a resource + which manages Total TLS for a zone. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: TotalTLSSpec defines the desired state of TotalTLS + properties: + deletionPolicy: + default: Delete + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + enum: + - Orphan + - Delete + type: string + forProvider: + properties: + certificateAuthority: + description: |- + (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. + The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. + type: string + enabled: + description: |- + (Boolean) Enable Total TLS for the zone. + Enable Total TLS for the zone. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. + properties: + certificateAuthority: + description: |- + (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. + The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. + type: string + enabled: + description: |- + (Boolean) Enable Total TLS for the zone. + Enable Total TLS for the zone. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + type: object + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. + type: object + type: + description: |- + Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + x-kubernetes-validations: + - message: spec.forProvider.enabled is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || (has(self.initProvider) && has(self.initProvider.enabled))' + status: + description: TotalTLSStatus defines the observed state of TotalTLS. + properties: + atProvider: + properties: + certificateAuthority: + description: |- + (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: google, lets_encrypt. + The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`. + type: string + enabled: + description: |- + (Boolean) Enable Total TLS for the zone. + Enable Total TLS for the zone. + type: boolean + id: + description: (String) The ID of this resource. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. + format: date-time + type: string + message: + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/package/crds/zone.cloudflare.upbound.io_urlnormalizationsettings.yaml b/package/crds/zone.cloudflare.upbound.io_urlnormalizationsettings.yaml index 6e52bac..f3d9604 100644 --- a/package/crds/zone.cloudflare.upbound.io_urlnormalizationsettings.yaml +++ b/package/crds/zone.cloudflare.upbound.io_urlnormalizationsettings.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: urlnormalizationsettings.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: URLNormalizationSettings is the Schema for the URLNormalizationSettingss - API. + API. Provides a resource to manage URL Normalization Settings. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -66,14 +75,19 @@ spec: forProvider: properties: scope: - description: The scope of the URL normalization. + description: |- + (String) The scope of the URL normalization. + The scope of the URL normalization. type: string type: - description: The type of URL normalization performed by Cloudflare. + description: |- + (String) The type of URL normalization performed by Cloudflare. + The type of URL normalization performed by Cloudflare. type: string zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -86,21 +100,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -113,8 +127,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -127,73 +142,165 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - scope - - type type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + scope: + description: |- + (String) The scope of the URL normalization. + The scope of the URL normalization. type: string - policy: - description: Policies for referencing. + type: + description: |- + (String) The type of URL normalization performed by Cloudflare. + The type of URL normalization performed by Cloudflare. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -203,21 +310,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -227,17 +334,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -247,21 +356,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -276,21 +385,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -301,14 +411,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -323,6 +434,15 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.scope is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.scope) + || (has(self.initProvider) && has(self.initProvider.scope))' + - message: spec.forProvider.type is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.type) + || (has(self.initProvider) && has(self.initProvider.type))' status: description: URLNormalizationSettingsStatus defines the observed state of URLNormalizationSettings. @@ -330,6 +450,22 @@ spec: atProvider: properties: id: + description: (String) The ID of this resource. + type: string + scope: + description: |- + (String) The scope of the URL normalization. + The scope of the URL normalization. + type: string + type: + description: |- + (String) The type of URL normalization performed by Cloudflare. + The type of URL normalization performed by Cloudflare. + type: string + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -338,13 +474,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -355,8 +493,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -365,6 +504,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -373,9 +515,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_useragentblockingrules.yaml b/package/crds/zone.cloudflare.upbound.io_useragentblockingrules.yaml index c347063..d9109bf 100644 --- a/package/crds/zone.cloudflare.upbound.io_useragentblockingrules.yaml +++ b/package/crds/zone.cloudflare.upbound.io_useragentblockingrules.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: useragentblockingrules.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -36,17 +35,22 @@ spec: schema: openAPIV3Schema: description: UserAgentBlockingRule is the Schema for the UserAgentBlockingRules - API. + API. Provides a resource to manage User Agent Blocking Rules. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -55,9 +59,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -65,36 +74,42 @@ spec: forProvider: properties: configuration: - description: The configuration object for the current rule. + description: |- + (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) + The configuration object for the current rule. items: properties: target: - description: The configuration target for this rule. You - must set the target to ua for User Agent Blocking rules. + description: |- + (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. type: string value: - description: The exact user agent string to match. This - value will be compared to the received User-Agent HTTP - header value. + description: |- + Agent HTTP header value. + The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. type: string - required: - - target - - value type: object type: array description: - description: An informative summary of the rule. + description: |- + (String) An informative summary of the rule. + An informative summary of the rule. type: string mode: - description: 'The action to apply to a matched request. Available - values: `block`, `challenge`, `js_challenge`, `managed_challenge`.' + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. type: string paused: - description: When true, indicates that the rule is currently paused. + description: |- + (Boolean) When true, indicates that the rule is currently paused. + When true, indicates that the rule is currently paused. type: boolean zoneId: - description: The zone identifier to target for the resource. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string zoneIdRef: description: Reference to a Zone to populate zoneId. @@ -107,21 +122,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -134,8 +149,9 @@ spec: description: Selector for a Zone to populate zoneId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -148,75 +164,188 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent type: string type: object type: object - required: - - configuration - - description - - mode - - paused type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + configuration: + description: |- + (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) + The configuration object for the current rule. + items: + properties: + target: + description: |- + (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + type: string + value: + description: |- + Agent HTTP header value. + The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. + type: string + type: object + type: array + description: + description: |- + (String) An informative summary of the rule. + An informative summary of the rule. type: string - policy: - description: Policies for referencing. + mode: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. + type: string + paused: + description: |- + (Boolean) When true, indicates that the rule is currently paused. + When true, indicates that the rule is currently paused. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + type: string + zoneIdRef: + description: Reference to a Zone to populate zoneId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + zoneIdSelector: + description: Selector for a Zone to populate zoneId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object type: object - required: - - name type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -226,21 +355,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -250,17 +379,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -270,21 +401,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -299,21 +430,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -324,14 +456,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -346,13 +479,69 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.configuration is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.configuration) + || (has(self.initProvider) && has(self.initProvider.configuration))' + - message: spec.forProvider.description is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.description) + || (has(self.initProvider) && has(self.initProvider.description))' + - message: spec.forProvider.mode is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.mode) + || (has(self.initProvider) && has(self.initProvider.mode))' + - message: spec.forProvider.paused is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.paused) + || (has(self.initProvider) && has(self.initProvider.paused))' status: description: UserAgentBlockingRuleStatus defines the observed state of UserAgentBlockingRule. properties: atProvider: properties: + configuration: + description: |- + (Block List, Min: 1, Max: 1) The configuration object for the current rule. (see below for nested schema) + The configuration object for the current rule. + items: + properties: + target: + description: |- + (String) The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + The configuration target for this rule. You must set the target to ua for User Agent Blocking rules. + type: string + value: + description: |- + Agent HTTP header value. + The exact user agent string to match. This value will be compared to the received User-Agent HTTP header value. + type: string + type: object + type: array + description: + description: |- + (String) An informative summary of the rule. + An informative summary of the rule. + type: string id: + description: (String) The ID of this resource. + type: string + mode: + description: |- + (String) The action to apply to a matched request. Available values: block, challenge, js_challenge, managed_challenge. + The action to apply to a matched request. Available values: `block`, `challenge`, `js_challenge`, `managed_challenge`. + type: string + paused: + description: |- + (Boolean) When true, indicates that the rule is currently paused. + When true, indicates that the rule is currently paused. + type: boolean + zoneId: + description: |- + (String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource. + The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -361,13 +550,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -378,8 +569,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -388,6 +580,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -396,9 +591,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/package/crds/zone.cloudflare.upbound.io_zones.yaml b/package/crds/zone.cloudflare.upbound.io_zones.yaml index 5206559..45d99e7 100644 --- a/package/crds/zone.cloudflare.upbound.io_zones.yaml +++ b/package/crds/zone.cloudflare.upbound.io_zones.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: zones.zone.cloudflare.upbound.io spec: group: zone.cloudflare.upbound.io @@ -35,17 +34,24 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: Zone is the Schema for the Zones API. + description: Zone is the Schema for the Zones API. Provides a Cloudflare Zone + resource. Zone is the basic resource for working with Cloudflare and is + roughly equivalent to a domain name that the user purchases. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,9 +60,14 @@ spec: properties: deletionPolicy: default: Delete - description: DeletionPolicy specifies what will happen to the underlying - external when this managed resource is deleted - either "Delete" - or "Orphan" the external resource. + description: |- + DeletionPolicy specifies what will happen to the underlying external + when this managed resource is deleted - either "Delete" or "Orphan" the + external resource. + This field is planned to be deprecated in favor of the ManagementPolicies + field in a future release. Currently, both could be set independently and + non-default values would be honored if the feature flag is enabled. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 enum: - Orphan - Delete @@ -64,7 +75,9 @@ spec: forProvider: properties: accountId: - description: Account ID to manage the zone resource in. + description: |- + (String) Account ID to manage the zone resource in. + Account ID to manage the zone resource in. type: string accountIdRef: description: Reference to a Account in account to populate accountId. @@ -77,21 +90,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -104,8 +117,9 @@ spec: description: Selector for a Account in account to populate accountId. properties: matchControllerRef: - description: MatchControllerRef ensures an object with the - same controller reference as the selecting object is selected. + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. type: boolean matchLabels: additionalProperties: @@ -118,21 +132,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -140,73 +154,183 @@ spec: type: object type: object jumpStart: - description: Whether to scan for DNS records on creation. Ignored - after zone is created. + description: |- + (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + Whether to scan for DNS records on creation. Ignored after zone is created. type: boolean paused: - description: Whether this zone is paused (traffic bypasses Cloudflare). - Defaults to `false`. + description: |- + (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. type: boolean plan: - description: 'The name of the commercial plan to apply to the - zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, - `enterprise`, `partners_free`, `partners_pro`, `partners_business`, - `partners_enterprise`.' + description: |- + (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. + The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. type: string type: - description: 'A full zone implies that DNS is hosted with Cloudflare. - A partial zone is typically a partner-hosted zone or a CNAME - setup. Available values: `full`, `partial`. Defaults to `full`.' + description: |- + hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. + A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. type: string zone: - description: The DNS zone name which will be added. **Modifying - this attribute will force creation of a new resource.** + description: |- + (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** type: string - required: - - zone type: object - providerConfigRef: - default: - name: default - description: ProviderConfigReference specifies how the provider that - will be used to create, observe, update, and delete this managed - resource should be configured. + initProvider: + description: |- + THIS IS A BETA FIELD. It will be honored + unless the Management Policies feature flag is disabled. + InitProvider holds the same fields as ForProvider, with the exception + of Identifier and other resource reference fields. The fields that are + in InitProvider are merged into ForProvider when the resource is created. + The same fields are also added to the terraform ignore_changes hook, to + avoid updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after creation, + for example because of an external controller is managing them, like an + autoscaler. properties: - name: - description: Name of the referenced object. + accountId: + description: |- + (String) Account ID to manage the zone resource in. + Account ID to manage the zone resource in. type: string - policy: - description: Policies for referencing. + accountIdRef: + description: Reference to a Account in account to populate accountId. properties: - resolution: - default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. - enum: - - Always - - IfNotPresent + name: + description: Name of the referenced object. type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name type: object - required: - - name + accountIdSelector: + description: Selector for a Account in account to populate accountId. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + jumpStart: + description: |- + (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + Whether to scan for DNS records on creation. Ignored after zone is created. + type: boolean + paused: + description: |- + (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. + type: boolean + plan: + description: |- + (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. + The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. + type: string + type: + description: |- + hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. + A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. + type: string + zone: + description: |- + (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** + type: string type: object - providerRef: - description: 'ProviderReference specifies the provider that will be - used to create, observe, update, and delete this managed resource. - Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + managementPolicies: + default: + - '*' + description: |- + THIS IS A BETA FIELD. It is on by default but can be opted out + through a Crossplane feature flag. + ManagementPolicies specify the array of actions Crossplane is allowed to + take on the managed and external resources. + This field is planned to replace the DeletionPolicy field in a future + release. Currently, both could be set independently and non-default + values would be honored if the feature flag is enabled. If both are + custom, the DeletionPolicy field will be ignored. + See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md + items: + description: |- + A ManagementAction represents an action that the Crossplane controllers + can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array + providerConfigRef: + default: + name: default + description: |- + ProviderConfigReference specifies how the provider that will be used to + create, observe, update, and delete this managed resource should be + configured. properties: name: description: Name of the referenced object. @@ -216,21 +340,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of this - reference is required. The default is 'Required', which - means the reconcile will fail if the reference cannot be - resolved. 'Optional' means this reference will be a no-op - if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will attempt - to resolve the reference only when the corresponding field - is not present. Use 'Always' to resolve the reference on - every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -240,17 +364,19 @@ spec: - name type: object publishConnectionDetailsTo: - description: PublishConnectionDetailsTo specifies the connection secret - config which contains a name, metadata and a reference to secret - store config to which any connection details for this managed resource - should be written. Connection details frequently include the endpoint, - username, and password required to connect to the managed resource. + description: |- + PublishConnectionDetailsTo specifies the connection secret config which + contains a name, metadata and a reference to secret store config to + which any connection details for this managed resource should be written. + Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. properties: configRef: default: name: default - description: SecretStoreConfigRef specifies which secret store - config should be used for this ConnectionSecret. + description: |- + SecretStoreConfigRef specifies which secret store config should be used + for this ConnectionSecret. properties: name: description: Name of the referenced object. @@ -260,21 +386,21 @@ spec: properties: resolution: default: Required - description: Resolution specifies whether resolution of - this reference is required. The default is 'Required', - which means the reconcile will fail if the reference - cannot be resolved. 'Optional' means this reference - will be a no-op if it cannot be resolved. + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. enum: - Required - Optional type: string resolve: - description: Resolve specifies when this reference should - be resolved. The default is 'IfNotPresent', which will - attempt to resolve the reference only when the corresponding - field is not present. Use 'Always' to resolve the reference - on every reconcile. + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. enum: - Always - IfNotPresent @@ -289,21 +415,22 @@ spec: annotations: additionalProperties: type: string - description: Annotations are the annotations to be added to - connection secret. - For Kubernetes secrets, this will be - used as "metadata.annotations". - It is up to Secret Store - implementation for others store types. + description: |- + Annotations are the annotations to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.annotations". + - It is up to Secret Store implementation for others store types. type: object labels: additionalProperties: type: string - description: Labels are the labels/tags to be added to connection - secret. - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store - types. + description: |- + Labels are the labels/tags to be added to connection secret. + - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store types. type: object type: - description: Type is the SecretType for the connection secret. + description: |- + Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. type: string type: object @@ -314,14 +441,15 @@ spec: - name type: object writeConnectionSecretToRef: - description: WriteConnectionSecretToReference specifies the namespace - and name of a Secret to which any connection details for this managed - resource should be written. Connection details frequently include - the endpoint, username, and password required to connect to the - managed resource. This field is planned to be replaced in a future - release in favor of PublishConnectionDetailsTo. Currently, both - could be set independently and connection details would be published - to both without affecting each other. + description: |- + WriteConnectionSecretToReference specifies the namespace and name of a + Secret to which any connection details for this managed resource should + be written. Connection details frequently include the endpoint, username, + and password required to connect to the managed resource. + This field is planned to be replaced in a future release in favor of + PublishConnectionDetailsTo. Currently, both could be set independently + and connection details would be published to both without affecting + each other. properties: name: description: Name of the secret. @@ -336,35 +464,78 @@ spec: required: - forProvider type: object + x-kubernetes-validations: + - message: spec.forProvider.zone is a required parameter + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.zone) + || (has(self.initProvider) && has(self.initProvider.zone))' status: description: ZoneStatus defines the observed state of Zone. properties: atProvider: properties: + accountId: + description: |- + (String) Account ID to manage the zone resource in. + Account ID to manage the zone resource in. + type: string id: + description: (String) The ID of this resource. type: string + jumpStart: + description: |- + (Boolean) Whether to scan for DNS records on creation. Ignored after zone is created. + Whether to scan for DNS records on creation. Ignored after zone is created. + type: boolean meta: additionalProperties: type: boolean + description: (Map of Boolean) type: object + x-kubernetes-map-type: granular nameServers: - description: Cloudflare-assigned name servers. This is only populated - for zones that use Cloudflare DNS. + description: |- + assigned name servers. This is only populated for zones that use Cloudflare DNS. + Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS. items: type: string type: array + paused: + description: |- + (Boolean) Whether this zone is paused (traffic bypasses Cloudflare). Defaults to false. + Whether this zone is paused (traffic bypasses Cloudflare). Defaults to `false`. + type: boolean + plan: + description: |- + (String) The name of the commercial plan to apply to the zone. Available values: free, lite, pro, pro_plus, business, enterprise, partners_free, partners_pro, partners_business, partners_enterprise. + The name of the commercial plan to apply to the zone. Available values: `free`, `lite`, `pro`, `pro_plus`, `business`, `enterprise`, `partners_free`, `partners_pro`, `partners_business`, `partners_enterprise`. + type: string status: - description: 'Status of the zone. Available values: `active`, - `pending`, `initializing`, `moved`, `deleted`, `deactivated`.' + description: |- + (String) Status of the zone. Available values: active, pending, initializing, moved, deleted, deactivated. + Status of the zone. Available values: `active`, `pending`, `initializing`, `moved`, `deleted`, `deactivated`. + type: string + type: + description: |- + hosted zone or a CNAME setup. Available values: full, partial. Defaults to full. + A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Available values: `full`, `partial`. Defaults to `full`. type: string vanityNameServers: - description: List of Vanity Nameservers (if set). + description: |- + (List of String) List of Vanity Nameservers (if set). + List of Vanity Nameservers (if set). items: type: string type: array verificationKey: - description: Contains the TXT record value to validate domain - ownership. This is only populated for zones of type `partial`. + description: |- + (String) Contains the TXT record value to validate domain ownership. This is only populated for zones of type partial. + Contains the TXT record value to validate domain ownership. This is only populated for zones of type `partial`. + type: string + zone: + description: |- + (String) The DNS zone name which will be added. Modifying this attribute will force creation of a new resource. + The DNS zone name which will be added. **Modifying this attribute will force creation of a new resource.** type: string type: object conditions: @@ -373,13 +544,15 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: LastTransitionTime is the last time this condition - transitioned from one status to another. + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. format: date-time type: string message: - description: A Message containing details about this condition's - last transition from one status to another, if any. + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. type: string reason: description: A Reason for this condition's last transition from @@ -390,8 +563,9 @@ spec: False, or Unknown? type: string type: - description: Type of this condition. At most one of each condition - type may apply to a resource at any point in time. + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. type: string required: - lastTransitionTime @@ -400,6 +574,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object required: - spec @@ -408,9 +585,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: []